[Pkg-samba-maint] Bug#454670: winbind: "wbinfo -r" fails to show changed group memberships of "older" users
aragon at jpberlin.de
aragon at jpberlin.de
Thu Dec 6 22:38:47 UTC 2007
Package: winbind
Version: 3.0.24-6etch8
Severity: normal
Hello,
I have setup our squid proxy to authenticate Domain Accounts defined on
our ADS, which is working perfect. To differentiate the access
permissions of our users I use wbinfo_group.pl which relies on
"wbinfo -r USERNAME"
The problem is that "wbinfo -r USERNAME" does not show the change of
group membership of some (but not all) older accounts. "getent group"
(via libnss_winbind.so.2) correctly shows the tested changes.
The problem does not occur with newly created accounts.
Our ADS run "Windows Server 2003 SP2" and "Windows Server 2003 R2 SP2"
I can reproduce the problem with the following backported winbind
versions on the same host running etch: 3.0.27a-1, 3.0.26a-1,
3.2.0~pre1-1 and the version from sarge 3.0.14a-3sarge4. But I have
only done very few tests with them.
The following examples are generated in a small test domain. An level
10 debug log from winbindd corresponding to the following commands is
attached.
First Example:
--------------
"wbinfo -r" fails to recognise the removal of user "karen" from group
"inetuser"
1) # wbinfo -r karen
3000
3018
3019
3001
2) # getent group inetuser
inetuser:x:3000:kids,karen,ab
3) Removal of "karen" from group "inetuser" at one of our two ADS
4) # wbinfo -r karen
3000
3018
3019
3001
5) # getent group inetuser
inetuser:x:3000:kids,ab
Second Example:
---------------
"wbinfo -r" fails to recognise the addition of user "guru" to group
"inetuser"
1) # wbinfo -r guru
3018
3036
3011
3019
3009
3026
3025
3021
3024
2) # getent group inetuser
inetuser:x:3000:kids,karen,ab
3) Add "guru" to group "inetuser" on ADS
4) # wbinfo -r guru
3018
3036
3011
3019
3009
3026
3025
3021
3024
5) # getent group inetuser
inetuser:x:3000:kids,karen,ab,guru
Third Example:
---------------
"wbinfo -r" successfully recognises the addition of user "usera" to group
"inetuser"
1) # wbinfo -r usera
3001
2) # getent group inetuser
inetuser:x:3000:kids,karen,ab
3) Add "usera" to group "inetuser" on ADS
4) # wbinfo -r usera
3001
3000
5) # getent group inetuser
inetuser:x:3000:kids,usera,karen,ab
####################################
Configs
####################################
# cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5.log
[libdefaults]
default_realm = DOMAIN
[realms]
DATASYSTEME = {
kdc = ads1.domain
kdc = ads2.domain
admin_server = ads1.domain
}
[domain_realm]
.domain = DOMAIN
-------------------------------------
# cat /etc/nsswitch.conf
passwd: files winbind
group: files winbind
shadow: files
hosts: files dns wins
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
-------------------------------------
cat /etc/samba/smb.conf
[global]
realm = DOMAIN
workgroup = DOMAIN
netbios name = HOSTNAME
server string = "Hostname Proxy Server"
security = ADS
passdb backend = tdbsam
encrypt passwords = true
username level = 2
hosts allow = 192.168.xx. 192.168.yy. 127.
winbind cache time = 1
winbind enum users = Yes
winbind enum groups = Yes
idmap uid = 2000-2999
idmap gid = 3000-3999
template homedir = /home/%D\%U
template shell = /bin/false
obey pam restrictions = yes
winbind use default domain = Yes
name resolve order = wins host bcast
wins server = 192.168.yy.30
dns proxy = no
panic action = /usr/share/samba/panic-action %d
debug level = 10
debug timestamp = yes
log file = /var/log/samba/%m.log
max log size = 0
local master = no
os level = 60
wins support = no
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
smb ports = 139
---------------------------------------
Any idea how to solve this?
Thanks,
Martin
-- System Information:
Debian Release: 4.0
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-486
Locale: LANG=de_DE at euro, LC_CTYPE=de_DE at euro (charmap=ISO-8859-15)
Versions of packages winbind depends on:
ii adduser 3.102 Add and remove users and groups
ii libc6 2.3.6.ds1-13etch2 GNU C Library: Shared libraries
ii libcomer 1.39+1.40-WIP-2006.11.14+dfsg-2 common error description library
ii libkrb53 1.4.4-7etch4 MIT Kerberos runtime libraries
ii libldap2 2.1.30-13.3 OpenLDAP libraries
ii libpam0g 0.79-4 Pluggable Authentication Modules l
ii libpopt0 1.10-3 lib for parsing cmdline parameters
ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init scrip
ii samba-co 3.0.24-6etch8 Samba common files used by both th
winbind recommends no packages.
-- no debconf information
-------------- next part --------------
First Example:
--------------
"wbinfo -r" fails to recognise the removal of user "karen" from group
"inetuser"
1) # wbinfo -r karen
3000
3018
3019
3001
[2007/12/06 21:55:16, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 17
[2007/12/06 21:55:16, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 21:55:16, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 21:55:16, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 21:55:16, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 21:55:16, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 21:55:16, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGROUPS
[2007/12/06 21:55:16, 3] nsswitch/winbindd_group.c:winbindd_getgroups(1017)
[ 0]: getgroups karen
[2007/12/06 21:55:16, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 21:55:16, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 21:55:16, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=225
[2007/12/06 21:55:16, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 21:55:16, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 21:55:16, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1088)
Expanding our own local groups
[2007/12/06 21:55:16, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20540
[2007/12/06 21:55:16, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 21:55:16, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1098)
Expanding our own BUILTIN groups
[2007/12/06 21:55:16, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20541
[2007/12/06 21:55:16, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 21:55:16, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1227]
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1227 of type 0x2
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3000
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3000 -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 21:55:16, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3000]
[2007/12/06 21:55:16, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1158]
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1158 of type 0x2
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1158 -> GID 3018
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1158 -> GID 3018
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3018
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3018 -> S-1-5-21-573177630-792016305-1830848205-1158
[2007/12/06 21:55:16, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3018]
[2007/12/06 21:55:16, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1159]
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1159 of type 0x2
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1159 -> GID 3019
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1159 -> GID 3019
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3019
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3019 -> S-1-5-21-573177630-792016305-1830848205-1159
[2007/12/06 21:55:16, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3019]
[2007/12/06 21:55:16, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-513]
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-513 of type 0x2
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-513 -> GID 3001
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-513 -> GID 3001
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3001
[2007/12/06 21:55:16, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3001 -> S-1-5-21-573177630-792016305-1830848205-513
[2007/12/06 21:55:16, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3001]
[2007/12/06 21:59:46, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 21:59:46, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=64
[2007/12/06 22:01:07, 6] nsswitch/winbindd.c:new_connection(601)
2) # getent group inetuser
inetuser:x:3000:kids,karen,ab
[2007/12/06 22:01:22, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:01:22, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:01:22, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:01:22, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:01:22, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:01:22, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:01:22, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGRNAM
[2007/12/06 22:01:22, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(220)
[ 0]: getgrnam inetuser
[2007/12/06 22:01:22, 10] nsswitch/winbindd_cache.c:name_to_sid(1289)
name_to_sid: [Cached] - doing backend query for name for domain DOMAIN
[2007/12/06 22:01:22, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(257)
rpc: name_to_sid name=DOMAIN\inetuser
[2007/12/06 22:01:22, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(265)
name_to_sid [rpc] DOMAIN\inetuser for domain DOMAIN
[2007/12/06 22:01:22, 5] rpc_parse/parse_lsa.c:init_q_lookup_names(1567)
init_q_lookup_names
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_q_lookup_names
[2007/12/06 22:01:22, 6] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_pol_hnd
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 data1: 00000000
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 data2: caad6fba
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 data3: 1c36
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a data4: 4165
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8s(855)
000c data5: 88 f9 e7 83 e5 86 10 6b
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0014 num_entries : 00000001
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 num_entries2 : 00000001
[2007/12/06 22:01:22, 6] rpc_parse/parse_prs.c:prs_debug(84)
00001c smb_io_unihdr hdr_name
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001c uni_str_len: 0028
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001e uni_max_len: 0028
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 buffer : 00000001
[2007/12/06 22:01:22, 6] rpc_parse/parse_prs.c:prs_debug(84)
000024 smb_io_unistr2 dom_name
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 uni_max_len: 00000014
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 offset : 00000000
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
002c uni_str_len: 00000014
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
0030 buffer : D.A.T.A.S.Y.S.T.E.M.E.\.i.n.e.t.u.s.e.r.
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0058 num_trans_entries : 00000000
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
005c ptr_trans_sids : 00000000
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0060 lookup_level : 0001
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 mapped_count : 00000000
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr hdr
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 0098
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 00000005
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_req hdr_req
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000068
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 opnum : 000e
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_debug(84)
000080 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0080 auth_type : 09
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0081 auth_level : 06
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0082 auth_pad_len : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0083 auth_reserved: 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0084 auth_context_id: 00000001
[2007/12/06 22:01:22, 10] libsmb/ntlmssp_sign.c:ntlmssp_seal_packet(249)
ntlmssp_seal_data: seal
[2007/12/06 22:01:22, 5] rpc_client/cli_pipe.c:rpc_api_pipe(770)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17
[2007/12/06 22:01:22, 5] lib/util.c:show_msg(485)
[2007/12/06 22:01:22, 5] lib/util.c:show_msg(495)
size=234
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
--
[2007/12/06 22:01:22, 10] lib/util.c:dump_data(2222)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 98 00 10 00 05 00 00 00 68 ........ .......h
[020] 00 00 00 00 00 0E 00 5E E2 0C 88 4F 34 83 D4 47 .......^ ?..O4.?G
[030] 17 6D C8 BD D8 68 D8 77 B8 AB 98 FD 00 11 F8 08 .m???h?w ??.?..?.
[040] 75 5A DC F6 7D 71 3E B6 BE 6A 06 BA A0 DC D1 EB uZ??}q>? ?j.?????
[050] 4B 61 5A 3B DA E2 95 8B C0 FC 21 E4 AB 9A B6 9B KaZ;??.. ??!??.?.
--
[2007/12/06 22:01:22, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 16
[2007/12/06 22:01:22, 10] libsmb/smb_signing.c:client_sign_outgoing_message(348)
client_sign_outgoing_message: sent SMB signature of
[2007/12/06 22:01:22, 10] lib/util.c:dump_data(2222)
[000] E7 C5 EF D5 22 DB 2A C5 ????"?*?
[2007/12/06 22:01:22, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 17 mid = 10
[2007/12/06 22:01:22, 6] libsmb/clientgen.c:write_socket(132)
write_socket(17,238)
[2007/12/06 22:01:22, 6] libsmb/clientgen.c:write_socket(135)
write_socket(17,238) wrote 238
[2007/12/06 22:01:22, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 232
[2007/12/06 22:01:22, 5] lib/util.c:show_msg(485)
[2007/12/06 22:01:22, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:01:22, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 05 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 FA AA C0 96 F1 A5 33 ........ .???.??3
[020] E9 CD 15 D3 29 66 8A A2 7D 1F 9F 0B 7A C6 C9 99 ??.?)f.? }...z??.
[030] 79 F4 3A 0C EE 08 10 04 BA 48 A6 2C 99 F4 DA D8 y?:.?... ?H?,.???
[040] ED 5B 13 ED A4 55 A7 F7 17 41 81 B4 17 4C 7F 6D ?[.??U?? .A.?.L.m
[050] 2D 48 16 F4 2D 5A 44 8D CE 66 5A F3 42 B3 00 76 -H.?-ZD. ?fZ?B?.v
--
[2007/12/06 22:01:22, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 17 mid = 10
[2007/12/06 22:01:22, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 17
[2007/12/06 22:01:22, 10] libsmb/smb_signing.c:client_check_incoming_message(428)
client_check_incoming_message: seq 17: got good SMB signature of
[2007/12/06 22:01:22, 10] lib/util.c:dump_data(2222)
[000] 9D 6F D8 22 2E B5 ED FE .o?".???
[2007/12/06 22:01:22, 5] lib/util.c:show_msg(485)
[2007/12/06 22:01:22, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:01:22, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 05 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 FA AA C0 96 F1 A5 33 ........ .???.??3
[020] E9 CD 15 D3 29 66 8A A2 7D 1F 9F 0B 7A C6 C9 99 ??.?)f.? }...z??.
[030] 79 F4 3A 0C EE 08 10 04 BA 48 A6 2C 99 F4 DA D8 y?:.?... ?H?,.???
[040] ED 5B 13 ED A4 55 A7 F7 17 41 81 B4 17 4C 7F 6D ?[.??U?? .A.?.L.m
[050] 2D 48 16 F4 2D 5A 44 8D CE 66 5A F3 42 B3 00 76 -H.?-ZD. ?fZ?B?.v
--
[2007/12/06 22:01:22, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 17 mid = 10
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr rpc_hdr
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 02
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 00b0
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 00000005
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000080
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0016 cancel_ct : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0017 reserved : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_debug(84)
000098 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0098 auth_type : 09
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0099 auth_level : 06
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009a auth_pad_len : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009b auth_reserved: 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
009c auth_context_id: 00000001
[2007/12/06 22:01:22, 10] libsmb/ntlmssp_sign.c:ntlmssp_unseal_packet(310)
ntlmssp_unseal_data: seal
[2007/12/06 22:01:22, 10] libsmb/ntlmssp_sign.c:ntlmssp_check_packet(223)
ntlmssp_check_packet: NTLMSSP signature OK !
[2007/12/06 22:01:22, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(577)
cli_pipe_validate_current_pdu: got pdu len 176, data_len 128, ss_len 0
[2007/12/06 22:01:22, 10] rpc_client/cli_pipe.c:rpc_api_pipe(843)
rpc_api_pipe: got PDU len of 176 at offset 0
[2007/12/06 22:01:22, 10] rpc_client/cli_pipe.c:rpc_api_pipe(894)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17 returned 256 bytes.
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_r_lookup_names
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 ptr_dom_ref: 00020000
[2007/12/06 22:01:22, 6] rpc_parse/parse_prs.c:prs_debug(84)
000004 lsa_io_dom_r_ref
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 num_ref_doms_1: 00000001
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0008 ptr_ref_dom : 00020004
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c max_entries : 00000020
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 num_ref_doms_2: 00000001
[2007/12/06 22:01:22, 7] rpc_parse/parse_prs.c:prs_debug(84)
000014 smb_io_unihdr dom_ref[0]
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 uni_str_len: 0016
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 uni_max_len: 0018
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 buffer : 00020008
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
001c sid_ptr[0] : 0002000c
[2007/12/06 22:01:22, 7] rpc_parse/parse_prs.c:prs_debug(84)
000020 smb_io_unistr2 dom_ref[0]
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 uni_max_len: 0000000c
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 offset : 00000000
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 uni_str_len: 0000000b
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
002c buffer : D.A.T.A.S.Y.S.T.E.M.E.
[2007/12/06 22:01:22, 7] rpc_parse/parse_prs.c:prs_debug(84)
000044 smb_io_dom_sid2 sid_ptr[0]
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0044 num_auths: 00000004
[2007/12/06 22:01:22, 8] rpc_parse/parse_prs.c:prs_debug(84)
000048 smb_io_dom_sid sid
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0048 sid_rev_num: 01
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0049 num_auths : 04
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004a id_auth[0] : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004b id_auth[1] : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004c id_auth[2] : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004d id_auth[3] : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004e id_auth[4] : 00
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004f id_auth[5] : 05
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32s(995)
0050 sub_auths : 00000015 2229ff1e 2f3535b1 6d2086cd
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0060 num_entries: 00000001
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 ptr_entries: 00020010
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0068 num_entries2: 00000001
[2007/12/06 22:01:22, 6] rpc_parse/parse_prs.c:prs_debug(84)
00006c smb_io_dom_rid
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint16(679)
006c type : 0002
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0070 rid : 000004cb
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0074 rid_idx: 00000000
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0078 mapped_count: 00000001
[2007/12/06 22:01:22, 5] rpc_parse/parse_prs.c:prs_ntstatus(767)
007c status : NT_STATUS_OK
[2007/12/06 22:01:22, 10] nsswitch/winbindd_cache.c:fetch_cache_seqnum(362)
fetch_cache_seqnum: timeout [DOMAIN][3120758 @ 1196974872]
[2007/12/06 22:01:22, 3] nsswitch/winbindd_ads.c:sequence_number(1018)
ads: fetch sequence_number for DOMAIN
[2007/12/06 22:01:22, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:01:22, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196974882
[2007/12/06 22:01:22, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:01:22, 10] nsswitch/winbindd_cache.c:store_cache_seqnum(400)
store_cache_seqnum: success [DOMAIN][3120758 @ 1196974882]
[2007/12/06 22:01:22, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120758
[2007/12/06 22:01:22, 10] nsswitch/winbindd_cache.c:wcache_save_name_to_sid(764)
wcache_save_name_to_sid: DOMAIN\INETUSER -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:01:22, 10] nsswitch/winbindd_cache.c:wcache_save_sid_to_name(787)
wcache_save_sid_to_name: S-1-5-21-573177630-792016305-1830848205-1227 -> inetuser
[2007/12/06 22:01:22, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1227]
[2007/12/06 22:01:22, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:01:22, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1227 of type 0x2
[2007/12/06 22:01:22, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:01:22, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:01:22, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3000
[2007/12/06 22:01:22, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3000 -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:01:22, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3000]
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(79)
group SID S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:01:22, 10] nsswitch/winbindd_cache.c:lookup_groupmem(1665)
lookup_groupmem: [Cached] - doing backend query for info for domain DOMAIN
[2007/12/06 22:01:22, 10] nsswitch/winbindd_ads.c:lookup_groupmem(879)
ads: lookup_groupmem DOMAIN sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:01:22, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:01:22, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196974882
[2007/12/06 22:01:22, 10] nsswitch/winbindd_ads.c:lookup_groupmem(919)
Searching for attrs[0] = member, attrs[1] = usnChanged
[2007/12/06 22:01:22, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\1E\FF\29\22\B1\35\35\2F\CD\86\20\6D\CB\04\00\00) gave 1 replies
[2007/12/06 22:01:22, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:01:22, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:01:22, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:01:22, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:01:22, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:01:22, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:01:22, 3] nsswitch/winbindd_ads.c:lookup_groupmem(1003)
ads lookup_groupmem for sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:01:22, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(430)
refresh_sequence_number: DOMAIN time ok
[2007/12/06 22:01:22, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120758
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(111)
looked up 3 names
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
kids S-1-5-21-573177630-792016305-1830848205-1621 1
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
karen S-1-5-21-573177630-792016305-1830848205-1127 1
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
ab S-1-5-21-573177630-792016305-1830848205-1125 1
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 5 = 5
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 6 = 11
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 3 = 14
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending kids at ndx 4
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending karen at ndx 5
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending ab at ndx 2
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(188)
num_mem = 3, len = 14, mem = kids,karen,ab
[2007/12/06 22:01:22, 10] nsswitch/winbindd_group.c:fill_grent_mem(195)
fill_grent_mem returning 1
[2007/12/06 22:02:01, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:02:01, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:02:01, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
3) Removal of "karen" from group "inetuser" at one of our two ADS
4) # wbinfo -r karen
3000
3018
3019
3001
[2007/12/06 22:07:54, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:07:54, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:07:54, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:07:54, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:07:54, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:07:54, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:07:54, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGROUPS
[2007/12/06 22:07:54, 3] nsswitch/winbindd_group.c:winbindd_getgroups(1017)
[ 0]: getgroups karen
[2007/12/06 22:07:54, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:07:54, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:07:54, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=225
[2007/12/06 22:07:54, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:07:54, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:07:54, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1088)
Expanding our own local groups
[2007/12/06 22:07:54, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20540
[2007/12/06 22:07:54, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:07:54, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1098)
Expanding our own BUILTIN groups
[2007/12/06 22:07:54, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20541
[2007/12/06 22:07:54, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:07:54, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1227]
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1227 of type 0x2
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3000
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3000 -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:07:54, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3000]
[2007/12/06 22:07:54, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1158]
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1158 of type 0x2
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1158 -> GID 3018
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1158 -> GID 3018
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3018
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3018 -> S-1-5-21-573177630-792016305-1830848205-1158
[2007/12/06 22:07:54, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3018]
[2007/12/06 22:07:54, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1159]
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1159 of type 0x2
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1159 -> GID 3019
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1159 -> GID 3019
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3019
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3019 -> S-1-5-21-573177630-792016305-1830848205-1159
[2007/12/06 22:07:54, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3019]
[2007/12/06 22:07:54, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-513]
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-513 of type 0x2
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-513 -> GID 3001
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-513 -> GID 3001
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3001
[2007/12/06 22:07:54, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3001 -> S-1-5-21-573177630-792016305-1830848205-513
[2007/12/06 22:07:54, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3001]
[2007/12/06 22:10:09, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:10:09, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:10:09, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
5) # getent group inetuser
inetuser:x:3000:kids,ab
[2007/12/06 22:10:09, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:10:09, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:10:09, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:10:09, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:10:09, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:10:09, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:10:09, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGRNAM
[2007/12/06 22:10:09, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(220)
[ 0]: getgrnam inetuser
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:name_to_sid(1289)
name_to_sid: [Cached] - doing backend query for name for domain DOMAIN
[2007/12/06 22:10:09, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(257)
rpc: name_to_sid name=DOMAIN\inetuser
[2007/12/06 22:10:09, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(265)
name_to_sid [rpc] DOMAIN\inetuser for domain DOMAIN
[2007/12/06 22:10:09, 5] rpc_parse/parse_lsa.c:init_q_lookup_names(1567)
init_q_lookup_names
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_q_lookup_names
[2007/12/06 22:10:09, 6] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_pol_hnd
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 data1: 00000000
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 data2: caad6fba
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 data3: 1c36
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a data4: 4165
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8s(855)
000c data5: 88 f9 e7 83 e5 86 10 6b
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0014 num_entries : 00000001
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 num_entries2 : 00000001
[2007/12/06 22:10:09, 6] rpc_parse/parse_prs.c:prs_debug(84)
00001c smb_io_unihdr hdr_name
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001c uni_str_len: 0028
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001e uni_max_len: 0028
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 buffer : 00000001
[2007/12/06 22:10:09, 6] rpc_parse/parse_prs.c:prs_debug(84)
000024 smb_io_unistr2 dom_name
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 uni_max_len: 00000014
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 offset : 00000000
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
002c uni_str_len: 00000014
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
0030 buffer : D.A.T.A.S.Y.S.T.E.M.E.\.i.n.e.t.u.s.e.r.
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0058 num_trans_entries : 00000000
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
005c ptr_trans_sids : 00000000
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0060 lookup_level : 0001
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 mapped_count : 00000000
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr hdr
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 0098
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 00000006
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_req hdr_req
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000068
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 opnum : 000e
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_debug(84)
000080 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0080 auth_type : 09
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0081 auth_level : 06
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0082 auth_pad_len : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0083 auth_reserved: 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0084 auth_context_id: 00000001
[2007/12/06 22:10:09, 10] libsmb/ntlmssp_sign.c:ntlmssp_seal_packet(249)
ntlmssp_seal_data: seal
[2007/12/06 22:10:09, 5] rpc_client/cli_pipe.c:rpc_api_pipe(770)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17
[2007/12/06 22:10:09, 5] lib/util.c:show_msg(485)
[2007/12/06 22:10:09, 5] lib/util.c:show_msg(495)
size=234
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
--
[2007/12/06 22:10:09, 10] lib/util.c:dump_data(2222)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 98 00 10 00 06 00 00 00 68 ........ .......h
[020] 00 00 00 00 00 0E 00 B0 4D 77 9E 0A FA 51 BA E6 .......? Mw..?Q??
[030] 15 62 BC EE BA D0 23 BB AB 71 2B AA B2 24 F5 63 .b????#? ?q+??$?c
[040] 84 AA D0 75 CD 92 FB A0 FB 21 3A F5 5C D2 07 4A .??u?.?? ?!:?\?.J
[050] 9C 9A 94 ED 7A 97 CD 30 9C 57 D9 6B 84 41 71 4A ...?z.?0 .W?k.AqJ
--
[2007/12/06 22:10:09, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 18
[2007/12/06 22:10:09, 10] libsmb/smb_signing.c:client_sign_outgoing_message(348)
client_sign_outgoing_message: sent SMB signature of
[2007/12/06 22:10:09, 10] lib/util.c:dump_data(2222)
[000] 7D 68 F8 29 FF A0 CF C4 }h?)????
[2007/12/06 22:10:09, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 19 mid = 11
[2007/12/06 22:10:09, 6] libsmb/clientgen.c:write_socket(132)
write_socket(17,238)
[2007/12/06 22:10:09, 6] libsmb/clientgen.c:write_socket(135)
write_socket(17,238) wrote 238
[2007/12/06 22:10:09, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 232
[2007/12/06 22:10:09, 5] lib/util.c:show_msg(485)
[2007/12/06 22:10:09, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:10:09, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 06 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 A6 75 0F E4 09 91 C6 ........ .?u.?..?
[020] 50 DB D7 21 8B 8E E3 D7 3A A5 44 94 6A AC DF 42 P??!..?? :?D.j??B
[030] AA AB 24 24 A0 22 BD 2A 0A 23 10 FD 5D EF C6 6A ??$$?"?* .#.?]??j
[040] 42 9F A9 CF D0 41 9F 58 83 26 A7 61 FA 48 79 20 B.???A.X .&?a?Hy
[050] EA E4 5C 3E 0D D0 C0 F0 CD 20 44 71 9D 13 66 4D ??\>.??? ? Dq..fM
--
[2007/12/06 22:10:09, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 19 mid = 11
[2007/12/06 22:10:09, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 19
[2007/12/06 22:10:09, 10] libsmb/smb_signing.c:client_check_incoming_message(428)
client_check_incoming_message: seq 19: got good SMB signature of
[2007/12/06 22:10:09, 10] lib/util.c:dump_data(2222)
[000] 4F 50 77 70 77 8F 72 7B OPwpw.r{
[2007/12/06 22:10:09, 5] lib/util.c:show_msg(485)
[2007/12/06 22:10:09, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:10:09, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 06 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 A6 75 0F E4 09 91 C6 ........ .?u.?..?
[020] 50 DB D7 21 8B 8E E3 D7 3A A5 44 94 6A AC DF 42 P??!..?? :?D.j??B
[030] AA AB 24 24 A0 22 BD 2A 0A 23 10 FD 5D EF C6 6A ??$$?"?* .#.?]??j
[040] 42 9F A9 CF D0 41 9F 58 83 26 A7 61 FA 48 79 20 B.???A.X .&?a?Hy
[050] EA E4 5C 3E 0D D0 C0 F0 CD 20 44 71 9D 13 66 4D ??\>.??? ? Dq..fM
--
[2007/12/06 22:10:09, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 19 mid = 11
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr rpc_hdr
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 02
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 00b0
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 00000006
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000080
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0016 cancel_ct : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0017 reserved : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_debug(84)
000098 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0098 auth_type : 09
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0099 auth_level : 06
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009a auth_pad_len : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009b auth_reserved: 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
009c auth_context_id: 00000001
[2007/12/06 22:10:09, 10] libsmb/ntlmssp_sign.c:ntlmssp_unseal_packet(310)
ntlmssp_unseal_data: seal
[2007/12/06 22:10:09, 10] libsmb/ntlmssp_sign.c:ntlmssp_check_packet(223)
ntlmssp_check_packet: NTLMSSP signature OK !
[2007/12/06 22:10:09, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(577)
cli_pipe_validate_current_pdu: got pdu len 176, data_len 128, ss_len 0
[2007/12/06 22:10:09, 10] rpc_client/cli_pipe.c:rpc_api_pipe(843)
rpc_api_pipe: got PDU len of 176 at offset 0
[2007/12/06 22:10:09, 10] rpc_client/cli_pipe.c:rpc_api_pipe(894)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17 returned 256 bytes.
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_r_lookup_names
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 ptr_dom_ref: 00020000
[2007/12/06 22:10:09, 6] rpc_parse/parse_prs.c:prs_debug(84)
000004 lsa_io_dom_r_ref
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 num_ref_doms_1: 00000001
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0008 ptr_ref_dom : 00020004
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c max_entries : 00000020
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 num_ref_doms_2: 00000001
[2007/12/06 22:10:09, 7] rpc_parse/parse_prs.c:prs_debug(84)
000014 smb_io_unihdr dom_ref[0]
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 uni_str_len: 0016
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 uni_max_len: 0018
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 buffer : 00020008
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
001c sid_ptr[0] : 0002000c
[2007/12/06 22:10:09, 7] rpc_parse/parse_prs.c:prs_debug(84)
000020 smb_io_unistr2 dom_ref[0]
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 uni_max_len: 0000000c
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 offset : 00000000
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 uni_str_len: 0000000b
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
002c buffer : D.A.T.A.S.Y.S.T.E.M.E.
[2007/12/06 22:10:09, 7] rpc_parse/parse_prs.c:prs_debug(84)
000044 smb_io_dom_sid2 sid_ptr[0]
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0044 num_auths: 00000004
[2007/12/06 22:10:09, 8] rpc_parse/parse_prs.c:prs_debug(84)
000048 smb_io_dom_sid sid
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0048 sid_rev_num: 01
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0049 num_auths : 04
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004a id_auth[0] : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004b id_auth[1] : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004c id_auth[2] : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004d id_auth[3] : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004e id_auth[4] : 00
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004f id_auth[5] : 05
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32s(995)
0050 sub_auths : 00000015 2229ff1e 2f3535b1 6d2086cd
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0060 num_entries: 00000001
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 ptr_entries: 00020010
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0068 num_entries2: 00000001
[2007/12/06 22:10:09, 6] rpc_parse/parse_prs.c:prs_debug(84)
00006c smb_io_dom_rid
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint16(679)
006c type : 0002
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0070 rid : 000004cb
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0074 rid_idx: 00000000
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0078 mapped_count: 00000001
[2007/12/06 22:10:09, 5] rpc_parse/parse_prs.c:prs_ntstatus(767)
007c status : NT_STATUS_OK
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:fetch_cache_seqnum(368)
fetch_cache_seqnum: success [DOMAIN][3120771 @ 1196975409]
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120771
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:wcache_save_name_to_sid(764)
wcache_save_name_to_sid: DOMAIN\INETUSER -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:wcache_save_sid_to_name(787)
wcache_save_sid_to_name: S-1-5-21-573177630-792016305-1830848205-1227 -> inetuser
[2007/12/06 22:10:09, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1227]
[2007/12/06 22:10:09, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:10:09, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1227 of type 0x2
[2007/12/06 22:10:09, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:10:09, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:10:09, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3000
[2007/12/06 22:10:09, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3000 -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:10:09, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3000]
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(79)
group SID S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:lookup_groupmem(1665)
lookup_groupmem: [Cached] - doing backend query for info for domain DOMAIN
[2007/12/06 22:10:09, 10] nsswitch/winbindd_ads.c:lookup_groupmem(879)
ads: lookup_groupmem DOMAIN sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:10:09, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:10:09, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196975409
[2007/12/06 22:10:09, 10] nsswitch/winbindd_ads.c:lookup_groupmem(919)
Searching for attrs[0] = member, attrs[1] = usnChanged
[2007/12/06 22:10:09, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\1E\FF\29\22\B1\35\35\2F\CD\86\20\6D\CB\04\00\00) gave 1 replies
[2007/12/06 22:10:09, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:10:09, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:10:09, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:10:09, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:10:09, 3] nsswitch/winbindd_ads.c:lookup_groupmem(1003)
ads lookup_groupmem for sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(430)
refresh_sequence_number: DOMAIN time ok
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120771
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(111)
looked up 2 names
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
kids S-1-5-21-573177630-792016305-1830848205-1621 1
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
ab S-1-5-21-573177630-792016305-1830848205-1125 1
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 5 = 5
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 3 = 8
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending kids at ndx 4
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending ab at ndx 2
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(188)
num_mem = 2, len = 8, mem = kids,ab
[2007/12/06 22:10:09, 10] nsswitch/winbindd_group.c:fill_grent_mem(195)
fill_grent_mem returning 1
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:10:09, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=64
[2007/12/06 22:15:09, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:15:09, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=64
[2007/12/06 22:17:01, 6] nsswitch/winbindd.c:new_connection(601)
Second Example:
---------------
"wbinfo -r" fails to recognise the addition of user "guru" to group
"inetuser"
1) # wbinfo -r guru
3018
3036
3011
3019
3009
3026
3025
3021
3024
[2007/12/06 22:17:52, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:17:52, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:17:52, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:17:52, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:17:52, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:17:52, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:17:52, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGROUPS
[2007/12/06 22:17:52, 3] nsswitch/winbindd_group.c:winbindd_getgroups(1017)
[ 0]: getgroups guru
[2007/12/06 22:17:52, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:17:52, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:17:52, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=269
[2007/12/06 22:17:52, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:17:52, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=181
[2007/12/06 22:17:52, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1088)
Expanding our own local groups
[2007/12/06 22:17:52, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20540
[2007/12/06 22:17:52, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:17:52, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1098)
Expanding our own BUILTIN groups
[2007/12/06 22:17:52, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20541
[2007/12/06 22:17:52, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1158]
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1158 of type 0x2
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1158 -> GID 3018
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1158 -> GID 3018
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3018
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3018 -> S-1-5-21-573177630-792016305-1830848205-1158
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3018]
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1226]
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1226 of type 0x2
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1226 -> GID 3036
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1226 -> GID 3036
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3036
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3036 -> S-1-5-21-573177630-792016305-1830848205-1226
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3036]
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-512]
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-512 of type 0x2
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-512 -> GID 3011
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-512 -> GID 3011
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3011
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3011 -> S-1-5-21-573177630-792016305-1830848205-512
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3011]
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1159]
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1159 of type 0x2
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1159 -> GID 3019
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1159 -> GID 3019
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3019
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3019 -> S-1-5-21-573177630-792016305-1830848205-1159
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3019]
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-519]
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-519 of type 0x2
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-519 -> GID 3009
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-519 -> GID 3009
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3009
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3009 -> S-1-5-21-573177630-792016305-1830848205-519
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3009]
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1202]
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1202 of type 0x2
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1202 -> GID 3026
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1202 -> GID 3026
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3026
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3026 -> S-1-5-21-573177630-792016305-1830848205-1202
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3026]
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1199]
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1199 of type 0x2
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1199 -> GID 3025
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1199 -> GID 3025
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3025
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3025 -> S-1-5-21-573177630-792016305-1830848205-1199
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3025]
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1170]
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1170 of type 0x2
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1170 -> GID 3021
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1170 -> GID 3021
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3021
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3021 -> S-1-5-21-573177630-792016305-1830848205-1170
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3021]
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1198]
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1198 of type 0x2
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1198 -> GID 3024
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1198 -> GID 3024
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3024
[2007/12/06 22:17:52, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3024 -> S-1-5-21-573177630-792016305-1830848205-1198
[2007/12/06 22:17:52, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3024]
[2007/12/06 22:19:28, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:19:28, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:19:28, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
2) # getent group inetuser
inetuser:x:3000:kids,karen,ab
[2007/12/06 22:19:28, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:19:28, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:19:28, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:19:28, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:19:28, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:19:28, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:19:28, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGRNAM
[2007/12/06 22:19:28, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(220)
[ 0]: getgrnam inetuser
[2007/12/06 22:19:28, 10] nsswitch/winbindd_cache.c:name_to_sid(1289)
name_to_sid: [Cached] - doing backend query for name for domain DOMAIN
[2007/12/06 22:19:28, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(257)
rpc: name_to_sid name=DOMAIN\inetuser
[2007/12/06 22:19:28, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(265)
name_to_sid [rpc] DOMAIN\inetuser for domain DOMAIN
[2007/12/06 22:19:28, 5] rpc_parse/parse_lsa.c:init_q_lookup_names(1567)
init_q_lookup_names
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_q_lookup_names
[2007/12/06 22:19:28, 6] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_pol_hnd
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 data1: 00000000
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 data2: caad6fba
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 data3: 1c36
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a data4: 4165
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8s(855)
000c data5: 88 f9 e7 83 e5 86 10 6b
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0014 num_entries : 00000001
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 num_entries2 : 00000001
[2007/12/06 22:19:28, 6] rpc_parse/parse_prs.c:prs_debug(84)
00001c smb_io_unihdr hdr_name
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001c uni_str_len: 0028
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001e uni_max_len: 0028
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 buffer : 00000001
[2007/12/06 22:19:28, 6] rpc_parse/parse_prs.c:prs_debug(84)
000024 smb_io_unistr2 dom_name
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 uni_max_len: 00000014
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 offset : 00000000
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
002c uni_str_len: 00000014
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
0030 buffer : D.A.T.A.S.Y.S.T.E.M.E.\.i.n.e.t.u.s.e.r.
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0058 num_trans_entries : 00000000
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
005c ptr_trans_sids : 00000000
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0060 lookup_level : 0001
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 mapped_count : 00000000
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr hdr
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 0098
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 00000007
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_req hdr_req
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000068
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 opnum : 000e
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_debug(84)
000080 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0080 auth_type : 09
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0081 auth_level : 06
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0082 auth_pad_len : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0083 auth_reserved: 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0084 auth_context_id: 00000001
[2007/12/06 22:19:28, 10] libsmb/ntlmssp_sign.c:ntlmssp_seal_packet(249)
ntlmssp_seal_data: seal
[2007/12/06 22:19:28, 5] rpc_client/cli_pipe.c:rpc_api_pipe(770)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17
[2007/12/06 22:19:28, 5] lib/util.c:show_msg(485)
[2007/12/06 22:19:28, 5] lib/util.c:show_msg(495)
size=234
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
--
[2007/12/06 22:19:28, 10] lib/util.c:dump_data(2222)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 98 00 10 00 07 00 00 00 68 ........ .......h
[020] 00 00 00 00 00 0E 00 B7 DC 0A B2 0D 91 3B 40 7F .......? ?.?..;@.
[030] 6B C8 2A 98 63 C6 15 D9 1E 94 06 BA 7A C7 B6 4D k?*.c?.? ...?z??M
[040] EC 60 F9 2A 21 E2 CD 3E 08 60 83 7A A8 05 41 51 ?`?*!??> .`.z?.AQ
[050] 98 45 6C 8D 61 A6 4F 2D E6 BB 14 4F 60 54 99 FF .El.a?O- ??.O`T.?
--
[2007/12/06 22:19:28, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 20
[2007/12/06 22:19:28, 10] libsmb/smb_signing.c:client_sign_outgoing_message(348)
client_sign_outgoing_message: sent SMB signature of
[2007/12/06 22:19:28, 10] lib/util.c:dump_data(2222)
[000] 34 E6 46 4A FF 44 F5 48 4?FJ?D?H
[2007/12/06 22:19:28, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 21 mid = 12
[2007/12/06 22:19:28, 6] libsmb/clientgen.c:write_socket(132)
write_socket(17,238)
[2007/12/06 22:19:28, 6] libsmb/clientgen.c:write_socket(135)
write_socket(17,238) wrote 238
[2007/12/06 22:19:28, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 232
[2007/12/06 22:19:28, 5] lib/util.c:show_msg(485)
[2007/12/06 22:19:28, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:19:28, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 07 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 89 DC 5B 1B A7 27 D0 ........ ..?[.?'?
[020] CC 4A 87 E2 F1 2E DD 78 49 4D 9E DB B7 87 D6 7C ?J.??.?x IM.??.?|
[030] EC 2F F3 1A 9D FB 70 2C 8F D5 80 12 E5 95 18 7A ?/?..?p, .?..?..z
[040] B9 79 C2 73 E0 2D C2 19 7F 7A 9A A0 25 0C 64 CE ?y?s?-?. .z.?%.d?
[050] F1 5B D7 2D CA 65 A3 82 C0 E5 1B AE 89 F3 53 82 ?[?-?e?. ??.?.?S.
--
[2007/12/06 22:19:28, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 21 mid = 12
[2007/12/06 22:19:28, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 21
[2007/12/06 22:19:28, 10] libsmb/smb_signing.c:client_check_incoming_message(428)
client_check_incoming_message: seq 21: got good SMB signature of
[2007/12/06 22:19:28, 10] lib/util.c:dump_data(2222)
[000] AE 19 C9 B1 97 DC B5 34 ?.??.??4
[2007/12/06 22:19:28, 5] lib/util.c:show_msg(485)
[2007/12/06 22:19:28, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:19:28, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 07 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 89 DC 5B 1B A7 27 D0 ........ ..?[.?'?
[020] CC 4A 87 E2 F1 2E DD 78 49 4D 9E DB B7 87 D6 7C ?J.??.?x IM.??.?|
[030] EC 2F F3 1A 9D FB 70 2C 8F D5 80 12 E5 95 18 7A ?/?..?p, .?..?..z
[040] B9 79 C2 73 E0 2D C2 19 7F 7A 9A A0 25 0C 64 CE ?y?s?-?. .z.?%.d?
[050] F1 5B D7 2D CA 65 A3 82 C0 E5 1B AE 89 F3 53 82 ?[?-?e?. ??.?.?S.
--
[2007/12/06 22:19:28, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 21 mid = 12
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr rpc_hdr
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 02
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 00b0
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 00000007
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000080
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0016 cancel_ct : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0017 reserved : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_debug(84)
000098 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0098 auth_type : 09
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0099 auth_level : 06
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009a auth_pad_len : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009b auth_reserved: 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
009c auth_context_id: 00000001
[2007/12/06 22:19:28, 10] libsmb/ntlmssp_sign.c:ntlmssp_unseal_packet(310)
ntlmssp_unseal_data: seal
[2007/12/06 22:19:28, 10] libsmb/ntlmssp_sign.c:ntlmssp_check_packet(223)
ntlmssp_check_packet: NTLMSSP signature OK !
[2007/12/06 22:19:28, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(577)
cli_pipe_validate_current_pdu: got pdu len 176, data_len 128, ss_len 0
[2007/12/06 22:19:28, 10] rpc_client/cli_pipe.c:rpc_api_pipe(843)
rpc_api_pipe: got PDU len of 176 at offset 0
[2007/12/06 22:19:28, 10] rpc_client/cli_pipe.c:rpc_api_pipe(894)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17 returned 256 bytes.
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_r_lookup_names
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 ptr_dom_ref: 00020000
[2007/12/06 22:19:28, 6] rpc_parse/parse_prs.c:prs_debug(84)
000004 lsa_io_dom_r_ref
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 num_ref_doms_1: 00000001
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0008 ptr_ref_dom : 00020004
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c max_entries : 00000020
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 num_ref_doms_2: 00000001
[2007/12/06 22:19:28, 7] rpc_parse/parse_prs.c:prs_debug(84)
000014 smb_io_unihdr dom_ref[0]
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 uni_str_len: 0016
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 uni_max_len: 0018
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 buffer : 00020008
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
001c sid_ptr[0] : 0002000c
[2007/12/06 22:19:28, 7] rpc_parse/parse_prs.c:prs_debug(84)
000020 smb_io_unistr2 dom_ref[0]
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 uni_max_len: 0000000c
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 offset : 00000000
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 uni_str_len: 0000000b
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
002c buffer : D.A.T.A.S.Y.S.T.E.M.E.
[2007/12/06 22:19:28, 7] rpc_parse/parse_prs.c:prs_debug(84)
000044 smb_io_dom_sid2 sid_ptr[0]
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0044 num_auths: 00000004
[2007/12/06 22:19:28, 8] rpc_parse/parse_prs.c:prs_debug(84)
000048 smb_io_dom_sid sid
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0048 sid_rev_num: 01
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0049 num_auths : 04
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004a id_auth[0] : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004b id_auth[1] : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004c id_auth[2] : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004d id_auth[3] : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004e id_auth[4] : 00
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004f id_auth[5] : 05
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32s(995)
0050 sub_auths : 00000015 2229ff1e 2f3535b1 6d2086cd
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0060 num_entries: 00000001
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 ptr_entries: 00020010
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0068 num_entries2: 00000001
[2007/12/06 22:19:28, 6] rpc_parse/parse_prs.c:prs_debug(84)
00006c smb_io_dom_rid
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint16(679)
006c type : 0002
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0070 rid : 000004cb
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0074 rid_idx: 00000000
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0078 mapped_count: 00000001
[2007/12/06 22:19:28, 5] rpc_parse/parse_prs.c:prs_ntstatus(767)
007c status : NT_STATUS_OK
[2007/12/06 22:19:28, 10] nsswitch/winbindd_cache.c:fetch_cache_seqnum(362)
fetch_cache_seqnum: timeout [DOMAIN][3120785 @ 1196975872]
[2007/12/06 22:19:28, 3] nsswitch/winbindd_ads.c:sequence_number(1018)
ads: fetch sequence_number for DOMAIN
[2007/12/06 22:19:28, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:19:28, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196975968
[2007/12/06 22:19:28, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:19:28, 10] nsswitch/winbindd_cache.c:store_cache_seqnum(400)
store_cache_seqnum: success [DOMAIN][3120786 @ 1196975968]
[2007/12/06 22:19:28, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120786
[2007/12/06 22:19:28, 10] nsswitch/winbindd_cache.c:wcache_save_name_to_sid(764)
wcache_save_name_to_sid: DOMAIN\INETUSER -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:19:28, 10] nsswitch/winbindd_cache.c:wcache_save_sid_to_name(787)
wcache_save_sid_to_name: S-1-5-21-573177630-792016305-1830848205-1227 -> inetuser
[2007/12/06 22:19:28, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1227]
[2007/12/06 22:19:28, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:19:28, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1227 of type 0x2
[2007/12/06 22:19:28, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:19:28, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:19:28, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3000
[2007/12/06 22:19:28, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3000 -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:19:28, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3000]
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(79)
group SID S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:19:28, 10] nsswitch/winbindd_cache.c:lookup_groupmem(1665)
lookup_groupmem: [Cached] - doing backend query for info for domain DOMAIN
[2007/12/06 22:19:28, 10] nsswitch/winbindd_ads.c:lookup_groupmem(879)
ads: lookup_groupmem DOMAIN sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:19:28, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:19:28, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196975968
[2007/12/06 22:19:28, 10] nsswitch/winbindd_ads.c:lookup_groupmem(919)
Searching for attrs[0] = member, attrs[1] = usnChanged
[2007/12/06 22:19:28, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\1E\FF\29\22\B1\35\35\2F\CD\86\20\6D\CB\04\00\00) gave 1 replies
[2007/12/06 22:19:28, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:19:28, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:19:28, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:19:28, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:19:28, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:19:28, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:19:28, 3] nsswitch/winbindd_ads.c:lookup_groupmem(1003)
ads lookup_groupmem for sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:19:28, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(430)
refresh_sequence_number: DOMAIN time ok
[2007/12/06 22:19:28, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120786
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(111)
looked up 3 names
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
kids S-1-5-21-573177630-792016305-1830848205-1621 1
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
karen S-1-5-21-573177630-792016305-1830848205-1127 1
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
ab S-1-5-21-573177630-792016305-1830848205-1125 1
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 5 = 5
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 6 = 11
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 3 = 14
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending kids at ndx 4
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending karen at ndx 5
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending ab at ndx 2
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(188)
num_mem = 3, len = 14, mem = kids,karen,ab
[2007/12/06 22:19:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(195)
fill_grent_mem returning 1
[2007/12/06 22:20:28, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:20:28, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=64
[2007/12/06 22:21:19, 6] nsswitch/winbindd.c:new_connection(601)
3) Add "guru" to group "inetuser" on ADS
4) # wbinfo -r guru
3018
3036
3011
3019
3009
3026
3025
3021
3024
[2007/12/06 22:23:37, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:23:37, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:23:37, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:23:37, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:23:37, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:23:37, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:23:37, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGROUPS
[2007/12/06 22:23:37, 3] nsswitch/winbindd_group.c:winbindd_getgroups(1017)
[ 0]: getgroups guru
[2007/12/06 22:23:37, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:23:37, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:23:37, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=269
[2007/12/06 22:23:37, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:23:37, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=181
[2007/12/06 22:23:37, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1088)
Expanding our own local groups
[2007/12/06 22:23:37, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20540
[2007/12/06 22:23:37, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:23:37, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1098)
Expanding our own BUILTIN groups
[2007/12/06 22:23:37, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20541
[2007/12/06 22:23:37, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1158]
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1158 of type 0x2
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1158 -> GID 3018
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1158 -> GID 3018
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3018
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3018 -> S-1-5-21-573177630-792016305-1830848205-1158
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3018]
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1226]
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1226 of type 0x2
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1226 -> GID 3036
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1226 -> GID 3036
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3036
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3036 -> S-1-5-21-573177630-792016305-1830848205-1226
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3036]
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-512]
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-512 of type 0x2
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-512 -> GID 3011
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-512 -> GID 3011
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3011
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3011 -> S-1-5-21-573177630-792016305-1830848205-512
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3011]
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1159]
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1159 of type 0x2
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1159 -> GID 3019
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1159 -> GID 3019
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3019
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3019 -> S-1-5-21-573177630-792016305-1830848205-1159
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3019]
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-519]
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-519 of type 0x2
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-519 -> GID 3009
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-519 -> GID 3009
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3009
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3009 -> S-1-5-21-573177630-792016305-1830848205-519
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3009]
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1202]
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1202 of type 0x2
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1202 -> GID 3026
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1202 -> GID 3026
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3026
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3026 -> S-1-5-21-573177630-792016305-1830848205-1202
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3026]
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1199]
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1199 of type 0x2
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1199 -> GID 3025
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1199 -> GID 3025
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3025
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3025 -> S-1-5-21-573177630-792016305-1830848205-1199
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3025]
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1170]
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1170 of type 0x2
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1170 -> GID 3021
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1170 -> GID 3021
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3021
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3021 -> S-1-5-21-573177630-792016305-1830848205-1170
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3021]
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1198]
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1198 of type 0x2
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1198 -> GID 3024
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1198 -> GID 3024
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3024
[2007/12/06 22:23:37, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3024 -> S-1-5-21-573177630-792016305-1830848205-1198
[2007/12/06 22:23:37, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3024]
[2007/12/06 22:24:23, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:24:23, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:24:23, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
5) # getent group inetuser
inetuser:x:3000:kids,karen,ab,guru
[2007/12/06 22:24:23, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:24:23, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:24:23, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:24:23, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:24:23, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:24:23, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:24:23, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGRNAM
[2007/12/06 22:24:23, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(220)
[ 0]: getgrnam inetuser
[2007/12/06 22:24:23, 10] nsswitch/winbindd_cache.c:name_to_sid(1289)
name_to_sid: [Cached] - doing backend query for name for domain DOMAIN
[2007/12/06 22:24:23, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(257)
rpc: name_to_sid name=DOMAIN\inetuser
[2007/12/06 22:24:23, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(265)
name_to_sid [rpc] DOMAIN\inetuser for domain DOMAIN
[2007/12/06 22:24:23, 5] rpc_parse/parse_lsa.c:init_q_lookup_names(1567)
init_q_lookup_names
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_q_lookup_names
[2007/12/06 22:24:23, 6] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_pol_hnd
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 data1: 00000000
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 data2: caad6fba
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 data3: 1c36
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a data4: 4165
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8s(855)
000c data5: 88 f9 e7 83 e5 86 10 6b
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0014 num_entries : 00000001
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 num_entries2 : 00000001
[2007/12/06 22:24:23, 6] rpc_parse/parse_prs.c:prs_debug(84)
00001c smb_io_unihdr hdr_name
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001c uni_str_len: 0028
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001e uni_max_len: 0028
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 buffer : 00000001
[2007/12/06 22:24:23, 6] rpc_parse/parse_prs.c:prs_debug(84)
000024 smb_io_unistr2 dom_name
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 uni_max_len: 00000014
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 offset : 00000000
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
002c uni_str_len: 00000014
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
0030 buffer : D.A.T.A.S.Y.S.T.E.M.E.\.i.n.e.t.u.s.e.r.
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0058 num_trans_entries : 00000000
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
005c ptr_trans_sids : 00000000
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0060 lookup_level : 0001
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 mapped_count : 00000000
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr hdr
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 0098
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 00000009
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_req hdr_req
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000068
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 opnum : 000e
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000080 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0080 auth_type : 09
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0081 auth_level : 06
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0082 auth_pad_len : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0083 auth_reserved: 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0084 auth_context_id: 00000001
[2007/12/06 22:24:23, 10] libsmb/ntlmssp_sign.c:ntlmssp_seal_packet(249)
ntlmssp_seal_data: seal
[2007/12/06 22:24:23, 5] rpc_client/cli_pipe.c:rpc_api_pipe(770)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17
[2007/12/06 22:24:23, 5] lib/util.c:show_msg(485)
[2007/12/06 22:24:23, 5] lib/util.c:show_msg(495)
size=234
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
--
[2007/12/06 22:24:23, 10] lib/util.c:dump_data(2222)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 98 00 10 00 09 00 00 00 68 ........ .......h
[020] 00 00 00 00 00 0E 00 F4 16 78 FD 8B 51 F8 85 09 .......? .x?.Q?..
[030] 6D 09 C8 71 D4 44 FA DD 62 23 E2 5F 76 1C 68 2D m.?q?D?? b#?_v.h-
[040] 87 4F 46 D5 6E 12 45 FA F7 15 ED 08 FF 94 CB E6 .OF?n.E? ?.?.?.??
[050] 68 7C 86 D5 94 F4 A0 39 A7 D8 4B 9A B5 43 69 24 h|.?.??9 ??K.?Ci$
--
[2007/12/06 22:24:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 24
[2007/12/06 22:24:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(348)
client_sign_outgoing_message: sent SMB signature of
[2007/12/06 22:24:23, 10] lib/util.c:dump_data(2222)
[000] F7 87 C8 10 49 79 1B E8 ?.?.Iy.?
[2007/12/06 22:24:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 25 mid = 14
[2007/12/06 22:24:23, 6] libsmb/clientgen.c:write_socket(132)
write_socket(17,238)
[2007/12/06 22:24:23, 6] libsmb/clientgen.c:write_socket(135)
write_socket(17,238) wrote 238
[2007/12/06 22:24:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 232
[2007/12/06 22:24:23, 5] lib/util.c:show_msg(485)
[2007/12/06 22:24:23, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:24:23, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 09 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 B1 5C 45 60 9A E3 19 ........ .?\E`.?.
[020] 15 1D 5B 97 ED AA 46 D1 8B E5 2E 6F 4E ED 67 71 ..[.??F? .?.oN?gq
[030] C1 84 4A B1 C4 DC 48 C6 AD 87 FE 0C EB 34 12 F4 ?.J???H? ?.?.?4.?
[040] 49 99 E9 51 05 0D EE 38 DF F4 58 3B E7 B7 EA 6F I.?Q..?8 ??X;???o
[050] 02 C2 F3 55 A3 B7 92 72 1B FC 6A 1D 9E FB 03 4F .??U??.r .?j..?.O
--
[2007/12/06 22:24:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 25 mid = 14
[2007/12/06 22:24:23, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 25
[2007/12/06 22:24:23, 10] libsmb/smb_signing.c:client_check_incoming_message(428)
client_check_incoming_message: seq 25: got good SMB signature of
[2007/12/06 22:24:23, 10] lib/util.c:dump_data(2222)
[000] 37 A1 15 64 78 40 89 42 7?.dx at .B
[2007/12/06 22:24:23, 5] lib/util.c:show_msg(485)
[2007/12/06 22:24:23, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:24:23, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 09 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 B1 5C 45 60 9A E3 19 ........ .?\E`.?.
[020] 15 1D 5B 97 ED AA 46 D1 8B E5 2E 6F 4E ED 67 71 ..[.??F? .?.oN?gq
[030] C1 84 4A B1 C4 DC 48 C6 AD 87 FE 0C EB 34 12 F4 ?.J???H? ?.?.?4.?
[040] 49 99 E9 51 05 0D EE 38 DF F4 58 3B E7 B7 EA 6F I.?Q..?8 ??X;???o
[050] 02 C2 F3 55 A3 B7 92 72 1B FC 6A 1D 9E FB 03 4F .??U??.r .?j..?.O
--
[2007/12/06 22:24:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 25 mid = 14
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr rpc_hdr
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 02
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 00b0
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 00000009
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000080
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0016 cancel_ct : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0017 reserved : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000098 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0098 auth_type : 09
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0099 auth_level : 06
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009a auth_pad_len : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009b auth_reserved: 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
009c auth_context_id: 00000001
[2007/12/06 22:24:23, 10] libsmb/ntlmssp_sign.c:ntlmssp_unseal_packet(310)
ntlmssp_unseal_data: seal
[2007/12/06 22:24:23, 10] libsmb/ntlmssp_sign.c:ntlmssp_check_packet(223)
ntlmssp_check_packet: NTLMSSP signature OK !
[2007/12/06 22:24:23, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(577)
cli_pipe_validate_current_pdu: got pdu len 176, data_len 128, ss_len 0
[2007/12/06 22:24:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(843)
rpc_api_pipe: got PDU len of 176 at offset 0
[2007/12/06 22:24:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(894)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17 returned 256 bytes.
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_r_lookup_names
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 ptr_dom_ref: 00020000
[2007/12/06 22:24:23, 6] rpc_parse/parse_prs.c:prs_debug(84)
000004 lsa_io_dom_r_ref
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 num_ref_doms_1: 00000001
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0008 ptr_ref_dom : 00020004
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c max_entries : 00000020
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 num_ref_doms_2: 00000001
[2007/12/06 22:24:23, 7] rpc_parse/parse_prs.c:prs_debug(84)
000014 smb_io_unihdr dom_ref[0]
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 uni_str_len: 0016
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 uni_max_len: 0018
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 buffer : 00020008
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
001c sid_ptr[0] : 0002000c
[2007/12/06 22:24:23, 7] rpc_parse/parse_prs.c:prs_debug(84)
000020 smb_io_unistr2 dom_ref[0]
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 uni_max_len: 0000000c
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 offset : 00000000
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 uni_str_len: 0000000b
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
002c buffer : D.A.T.A.S.Y.S.T.E.M.E.
[2007/12/06 22:24:23, 7] rpc_parse/parse_prs.c:prs_debug(84)
000044 smb_io_dom_sid2 sid_ptr[0]
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0044 num_auths: 00000004
[2007/12/06 22:24:23, 8] rpc_parse/parse_prs.c:prs_debug(84)
000048 smb_io_dom_sid sid
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0048 sid_rev_num: 01
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0049 num_auths : 04
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004a id_auth[0] : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004b id_auth[1] : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004c id_auth[2] : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004d id_auth[3] : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004e id_auth[4] : 00
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004f id_auth[5] : 05
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32s(995)
0050 sub_auths : 00000015 2229ff1e 2f3535b1 6d2086cd
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0060 num_entries: 00000001
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 ptr_entries: 00020010
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0068 num_entries2: 00000001
[2007/12/06 22:24:23, 6] rpc_parse/parse_prs.c:prs_debug(84)
00006c smb_io_dom_rid
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint16(679)
006c type : 0002
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0070 rid : 000004cb
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0074 rid_idx: 00000000
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0078 mapped_count: 00000001
[2007/12/06 22:24:23, 5] rpc_parse/parse_prs.c:prs_ntstatus(767)
007c status : NT_STATUS_OK
[2007/12/06 22:24:23, 10] nsswitch/winbindd_cache.c:fetch_cache_seqnum(362)
fetch_cache_seqnum: timeout [DOMAIN][3120792 @ 1196976217]
[2007/12/06 22:24:23, 3] nsswitch/winbindd_ads.c:sequence_number(1018)
ads: fetch sequence_number for DOMAIN
[2007/12/06 22:24:23, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:24:23, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196976263
[2007/12/06 22:24:23, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:24:23, 10] nsswitch/winbindd_cache.c:store_cache_seqnum(400)
store_cache_seqnum: success [DOMAIN][3120795 @ 1196976263]
[2007/12/06 22:24:23, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120795
[2007/12/06 22:24:23, 10] nsswitch/winbindd_cache.c:wcache_save_name_to_sid(764)
wcache_save_name_to_sid: DOMAIN\INETUSER -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:24:23, 10] nsswitch/winbindd_cache.c:wcache_save_sid_to_name(787)
wcache_save_sid_to_name: S-1-5-21-573177630-792016305-1830848205-1227 -> inetuser
[2007/12/06 22:24:23, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1227]
[2007/12/06 22:24:23, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:24:23, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1227 of type 0x2
[2007/12/06 22:24:23, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:24:23, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:24:23, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3000
[2007/12/06 22:24:23, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3000 -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:24:23, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3000]
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(79)
group SID S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:24:23, 10] nsswitch/winbindd_cache.c:lookup_groupmem(1665)
lookup_groupmem: [Cached] - doing backend query for info for domain DOMAIN
[2007/12/06 22:24:23, 10] nsswitch/winbindd_ads.c:lookup_groupmem(879)
ads: lookup_groupmem DOMAIN sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:24:23, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:24:23, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196976263
[2007/12/06 22:24:23, 10] nsswitch/winbindd_ads.c:lookup_groupmem(919)
Searching for attrs[0] = member, attrs[1] = usnChanged
[2007/12/06 22:24:23, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\1E\FF\29\22\B1\35\35\2F\CD\86\20\6D\CB\04\00\00) gave 1 replies
[2007/12/06 22:24:23, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:24:23, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:24:23, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:24:23, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:24:23, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:24:23, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:24:23, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:24:23, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:24:23, 3] nsswitch/winbindd_ads.c:lookup_groupmem(1003)
ads lookup_groupmem for sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:24:23, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(430)
refresh_sequence_number: DOMAIN time ok
[2007/12/06 22:24:23, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120795
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(111)
looked up 4 names
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
kids S-1-5-21-573177630-792016305-1830848205-1621 1
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
karen S-1-5-21-573177630-792016305-1830848205-1127 1
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
ab S-1-5-21-573177630-792016305-1830848205-1125 1
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
guru S-1-5-21-573177630-792016305-1830848205-1112 1
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 5 = 5
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 6 = 11
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 3 = 14
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name guru
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 5 = 19
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending kids at ndx 4
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending karen at ndx 5
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending ab at ndx 2
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name guru
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending guru at ndx 4
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(188)
num_mem = 4, len = 19, mem = kids,karen,ab,guru
[2007/12/06 22:24:23, 10] nsswitch/winbindd_group.c:fill_grent_mem(195)
fill_grent_mem returning 1
[2007/12/06 22:25:53, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:25:53, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=64
[2007/12/06 22:27:45, 6] nsswitch/winbindd.c:new_connection(601)
Third Example:
---------------
"wbinfo -r" successfully recognises the addition of user "usera" to group
"inetuser"
1) # wbinfo -r usera
3001
[2007/12/06 22:27:45, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:27:45, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:27:45, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:27:45, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:27:45, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:27:45, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:27:45, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGROUPS
[2007/12/06 22:27:45, 3] nsswitch/winbindd_group.c:winbindd_getgroups(1017)
[ 0]: getgroups usera
[2007/12/06 22:27:45, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:27:45, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:27:45, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=45
[2007/12/06 22:27:45, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:27:45, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:27:45, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1088)
Expanding our own local groups
[2007/12/06 22:27:45, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20540
[2007/12/06 22:27:45, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:27:45, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1098)
Expanding our own BUILTIN groups
[2007/12/06 22:27:45, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20541
[2007/12/06 22:27:45, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:27:45, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-513]
[2007/12/06 22:27:45, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:27:45, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-513 of type 0x2
[2007/12/06 22:27:45, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-513 -> GID 3001
[2007/12/06 22:27:45, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-513 -> GID 3001
[2007/12/06 22:27:45, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3001
[2007/12/06 22:27:45, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3001 -> S-1-5-21-573177630-792016305-1830848205-513
[2007/12/06 22:27:45, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3001]
[2007/12/06 22:28:51, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:28:51, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:28:51, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
2) # getent group inetuser
inetuser:x:3000:kids,karen,ab
[2007/12/06 22:28:51, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:28:51, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:28:51, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:28:51, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:28:51, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:28:51, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:28:51, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGRNAM
[2007/12/06 22:28:51, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(220)
[ 0]: getgrnam inetuser
[2007/12/06 22:28:51, 10] nsswitch/winbindd_cache.c:name_to_sid(1289)
name_to_sid: [Cached] - doing backend query for name for domain DOMAIN
[2007/12/06 22:28:51, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(257)
rpc: name_to_sid name=DOMAIN\inetuser
[2007/12/06 22:28:51, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(265)
name_to_sid [rpc] DOMAIN\inetuser for domain DOMAIN
[2007/12/06 22:28:51, 5] rpc_parse/parse_lsa.c:init_q_lookup_names(1567)
init_q_lookup_names
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_q_lookup_names
[2007/12/06 22:28:51, 6] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_pol_hnd
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 data1: 00000000
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 data2: caad6fba
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 data3: 1c36
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a data4: 4165
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8s(855)
000c data5: 88 f9 e7 83 e5 86 10 6b
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0014 num_entries : 00000001
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 num_entries2 : 00000001
[2007/12/06 22:28:51, 6] rpc_parse/parse_prs.c:prs_debug(84)
00001c smb_io_unihdr hdr_name
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001c uni_str_len: 0028
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001e uni_max_len: 0028
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 buffer : 00000001
[2007/12/06 22:28:51, 6] rpc_parse/parse_prs.c:prs_debug(84)
000024 smb_io_unistr2 dom_name
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 uni_max_len: 00000014
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 offset : 00000000
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
002c uni_str_len: 00000014
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
0030 buffer : D.A.T.A.S.Y.S.T.E.M.E.\.i.n.e.t.u.s.e.r.
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0058 num_trans_entries : 00000000
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
005c ptr_trans_sids : 00000000
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0060 lookup_level : 0001
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 mapped_count : 00000000
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr hdr
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 0098
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 0000000a
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_req hdr_req
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000068
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 opnum : 000e
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_debug(84)
000080 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0080 auth_type : 09
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0081 auth_level : 06
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0082 auth_pad_len : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0083 auth_reserved: 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0084 auth_context_id: 00000001
[2007/12/06 22:28:51, 10] libsmb/ntlmssp_sign.c:ntlmssp_seal_packet(249)
ntlmssp_seal_data: seal
[2007/12/06 22:28:51, 5] rpc_client/cli_pipe.c:rpc_api_pipe(770)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17
[2007/12/06 22:28:51, 5] lib/util.c:show_msg(485)
[2007/12/06 22:28:51, 5] lib/util.c:show_msg(495)
size=234
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
--
[2007/12/06 22:28:51, 10] lib/util.c:dump_data(2222)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 98 00 10 00 0A 00 00 00 68 ........ .......h
[020] 00 00 00 00 00 0E 00 7C 99 F5 F1 D9 19 93 5C F5 .......| .???..\?
[030] 2A 1F 2B 75 2E AF 98 28 1D 22 73 9E E8 F5 4C F4 *.+u.?.( ."s.??L?
[040] 91 B7 64 0B 1D 07 AB F7 55 01 D4 43 04 1C 8B E3 .?d...?? U.?C...?
[050] D0 2A A8 3B 28 E0 37 FF 79 F9 B9 73 E5 21 53 7E ?*?;(?7? y??s?!S~
--
[2007/12/06 22:28:51, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 26
[2007/12/06 22:28:51, 10] libsmb/smb_signing.c:client_sign_outgoing_message(348)
client_sign_outgoing_message: sent SMB signature of
[2007/12/06 22:28:51, 10] lib/util.c:dump_data(2222)
[000] D1 3A AC C3 EC F6 CE 86 ?:?????.
[2007/12/06 22:28:51, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 27 mid = 15
[2007/12/06 22:28:51, 6] libsmb/clientgen.c:write_socket(132)
write_socket(17,238)
[2007/12/06 22:28:51, 6] libsmb/clientgen.c:write_socket(135)
write_socket(17,238) wrote 238
[2007/12/06 22:28:51, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 232
[2007/12/06 22:28:51, 5] lib/util.c:show_msg(485)
[2007/12/06 22:28:51, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:28:51, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 0A 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 AA C2 7B 6A 73 CA DA ........ .??{js??
[020] 4D 78 64 13 C6 4E 6B 6B 05 C1 C6 89 E8 72 5F 05 Mxd.?Nkk .??.?r_.
[030] 18 7A 6C 06 43 09 3E FA A5 A3 91 33 24 15 02 A9 .zl.C.>? ??.3$..?
[040] B1 AA 30 A8 09 E7 5D CD 6C 43 B8 38 3B 75 6F 52 ??0?.?]? lC?8;uoR
[050] 54 2B 2A 3E 52 A1 FD CD C8 CE 3E 11 C4 2A E5 4C T+*>R??? ??>.?*?L
--
[2007/12/06 22:28:51, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 27 mid = 15
[2007/12/06 22:28:51, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 27
[2007/12/06 22:28:51, 10] libsmb/smb_signing.c:client_check_incoming_message(428)
client_check_incoming_message: seq 27: got good SMB signature of
[2007/12/06 22:28:51, 10] lib/util.c:dump_data(2222)
[000] D8 32 C6 F7 64 83 F9 2D ?2??d.?-
[2007/12/06 22:28:51, 5] lib/util.c:show_msg(485)
[2007/12/06 22:28:51, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:28:51, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 0A 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 AA C2 7B 6A 73 CA DA ........ .??{js??
[020] 4D 78 64 13 C6 4E 6B 6B 05 C1 C6 89 E8 72 5F 05 Mxd.?Nkk .??.?r_.
[030] 18 7A 6C 06 43 09 3E FA A5 A3 91 33 24 15 02 A9 .zl.C.>? ??.3$..?
[040] B1 AA 30 A8 09 E7 5D CD 6C 43 B8 38 3B 75 6F 52 ??0?.?]? lC?8;uoR
[050] 54 2B 2A 3E 52 A1 FD CD C8 CE 3E 11 C4 2A E5 4C T+*>R??? ??>.?*?L
--
[2007/12/06 22:28:51, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 27 mid = 15
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr rpc_hdr
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 02
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 00b0
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 0000000a
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000080
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0016 cancel_ct : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0017 reserved : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_debug(84)
000098 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0098 auth_type : 09
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0099 auth_level : 06
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009a auth_pad_len : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009b auth_reserved: 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
009c auth_context_id: 00000001
[2007/12/06 22:28:51, 10] libsmb/ntlmssp_sign.c:ntlmssp_unseal_packet(310)
ntlmssp_unseal_data: seal
[2007/12/06 22:28:51, 10] libsmb/ntlmssp_sign.c:ntlmssp_check_packet(223)
ntlmssp_check_packet: NTLMSSP signature OK !
[2007/12/06 22:28:51, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(577)
cli_pipe_validate_current_pdu: got pdu len 176, data_len 128, ss_len 0
[2007/12/06 22:28:51, 10] rpc_client/cli_pipe.c:rpc_api_pipe(843)
rpc_api_pipe: got PDU len of 176 at offset 0
[2007/12/06 22:28:51, 10] rpc_client/cli_pipe.c:rpc_api_pipe(894)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17 returned 256 bytes.
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_r_lookup_names
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 ptr_dom_ref: 00020000
[2007/12/06 22:28:51, 6] rpc_parse/parse_prs.c:prs_debug(84)
000004 lsa_io_dom_r_ref
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 num_ref_doms_1: 00000001
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0008 ptr_ref_dom : 00020004
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c max_entries : 00000020
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 num_ref_doms_2: 00000001
[2007/12/06 22:28:51, 7] rpc_parse/parse_prs.c:prs_debug(84)
000014 smb_io_unihdr dom_ref[0]
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 uni_str_len: 0016
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 uni_max_len: 0018
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 buffer : 00020008
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
001c sid_ptr[0] : 0002000c
[2007/12/06 22:28:51, 7] rpc_parse/parse_prs.c:prs_debug(84)
000020 smb_io_unistr2 dom_ref[0]
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 uni_max_len: 0000000c
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 offset : 00000000
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 uni_str_len: 0000000b
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
002c buffer : D.A.T.A.S.Y.S.T.E.M.E.
[2007/12/06 22:28:51, 7] rpc_parse/parse_prs.c:prs_debug(84)
000044 smb_io_dom_sid2 sid_ptr[0]
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0044 num_auths: 00000004
[2007/12/06 22:28:51, 8] rpc_parse/parse_prs.c:prs_debug(84)
000048 smb_io_dom_sid sid
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0048 sid_rev_num: 01
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0049 num_auths : 04
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004a id_auth[0] : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004b id_auth[1] : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004c id_auth[2] : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004d id_auth[3] : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004e id_auth[4] : 00
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004f id_auth[5] : 05
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32s(995)
0050 sub_auths : 00000015 2229ff1e 2f3535b1 6d2086cd
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0060 num_entries: 00000001
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 ptr_entries: 00020010
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0068 num_entries2: 00000001
[2007/12/06 22:28:51, 6] rpc_parse/parse_prs.c:prs_debug(84)
00006c smb_io_dom_rid
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint16(679)
006c type : 0002
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0070 rid : 000004cb
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0074 rid_idx: 00000000
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0078 mapped_count: 00000001
[2007/12/06 22:28:51, 5] rpc_parse/parse_prs.c:prs_ntstatus(767)
007c status : NT_STATUS_OK
[2007/12/06 22:28:51, 10] nsswitch/winbindd_cache.c:fetch_cache_seqnum(362)
fetch_cache_seqnum: timeout [DOMAIN][3120802 @ 1196976465]
[2007/12/06 22:28:51, 3] nsswitch/winbindd_ads.c:sequence_number(1018)
ads: fetch sequence_number for DOMAIN
[2007/12/06 22:28:51, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:28:51, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196976531
[2007/12/06 22:28:51, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:28:51, 10] nsswitch/winbindd_cache.c:store_cache_seqnum(400)
store_cache_seqnum: success [DOMAIN][3120802 @ 1196976531]
[2007/12/06 22:28:51, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120802
[2007/12/06 22:28:51, 10] nsswitch/winbindd_cache.c:wcache_save_name_to_sid(764)
wcache_save_name_to_sid: DOMAIN\INETUSER -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:28:51, 10] nsswitch/winbindd_cache.c:wcache_save_sid_to_name(787)
wcache_save_sid_to_name: S-1-5-21-573177630-792016305-1830848205-1227 -> inetuser
[2007/12/06 22:28:51, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1227]
[2007/12/06 22:28:51, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:28:51, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1227 of type 0x2
[2007/12/06 22:28:51, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:28:51, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:28:51, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3000
[2007/12/06 22:28:51, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3000 -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:28:51, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3000]
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(79)
group SID S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:28:51, 10] nsswitch/winbindd_cache.c:lookup_groupmem(1665)
lookup_groupmem: [Cached] - doing backend query for info for domain DOMAIN
[2007/12/06 22:28:51, 10] nsswitch/winbindd_ads.c:lookup_groupmem(879)
ads: lookup_groupmem DOMAIN sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:28:51, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:28:51, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196976531
[2007/12/06 22:28:51, 10] nsswitch/winbindd_ads.c:lookup_groupmem(919)
Searching for attrs[0] = member, attrs[1] = usnChanged
[2007/12/06 22:28:51, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\1E\FF\29\22\B1\35\35\2F\CD\86\20\6D\CB\04\00\00) gave 1 replies
[2007/12/06 22:28:51, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:28:51, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:28:51, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:28:51, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:28:51, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:28:51, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:28:51, 3] nsswitch/winbindd_ads.c:lookup_groupmem(1003)
ads lookup_groupmem for sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:28:51, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(430)
refresh_sequence_number: DOMAIN time ok
[2007/12/06 22:28:51, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120802
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(111)
looked up 3 names
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
kids S-1-5-21-573177630-792016305-1830848205-1621 1
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
karen S-1-5-21-573177630-792016305-1830848205-1127 1
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
ab S-1-5-21-573177630-792016305-1830848205-1125 1
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 5 = 5
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 6 = 11
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 3 = 14
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending kids at ndx 4
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending karen at ndx 5
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending ab at ndx 2
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(188)
num_mem = 3, len = 14, mem = kids,karen,ab
[2007/12/06 22:28:51, 10] nsswitch/winbindd_group.c:fill_grent_mem(195)
fill_grent_mem returning 1
[2007/12/06 22:30:26, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:30:26, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:30:26, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
3) Add "usera" to group "inetuser" on ADS
4) # wbinfo -r usera
3001
3000
[2007/12/06 22:30:26, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:30:26, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:30:26, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:30:26, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:30:26, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:30:26, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:30:26, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGROUPS
[2007/12/06 22:30:26, 3] nsswitch/winbindd_group.c:winbindd_getgroups(1017)
[ 0]: getgroups usera
[2007/12/06 22:30:26, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:30:26, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:30:26, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=90
[2007/12/06 22:30:26, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:30:26, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:30:26, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1088)
Expanding our own local groups
[2007/12/06 22:30:26, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20540
[2007/12/06 22:30:26, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:30:26, 10] nsswitch/winbindd_async.c:gettoken_recvaliases(1098)
Expanding our own BUILTIN groups
[2007/12/06 22:30:26, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20541
[2007/12/06 22:30:26, 10] nsswitch/winbindd_async.c:getsidaliases_recv(839)
getsidaliases return 0 SIDs
[2007/12/06 22:30:26, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-513]
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-513 of type 0x2
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-513 -> GID 3001
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-513 -> GID 3001
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3001
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3001 -> S-1-5-21-573177630-792016305-1830848205-513
[2007/12/06 22:30:26, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3001]
[2007/12/06 22:30:26, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1227]
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1227 of type 0x2
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3000
[2007/12/06 22:30:26, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3000 -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:30:26, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3000]
[2007/12/06 22:30:56, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:30:56, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=64
[2007/12/06 22:31:47, 6] nsswitch/winbindd.c:new_connection(601)
5) # getent group inetuser
inetuser:x:3000:kids,usera,karen,ab
[2007/12/06 22:31:47, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 18
[2007/12/06 22:31:47, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn INTERFACE_VERSION
[2007/12/06 22:31:47, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(483)
[ 0]: request interface version
[2007/12/06 22:31:47, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2007/12/06 22:31:47, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(516)
[ 0]: request location of privileged pipe
[2007/12/06 22:31:47, 6] nsswitch/winbindd.c:new_connection(601)
accepted socket 22
[2007/12/06 22:31:47, 10] nsswitch/winbindd.c:process_request(287)
process_request: request fn GETGRNAM
[2007/12/06 22:31:47, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(220)
[ 0]: getgrnam inetuser
[2007/12/06 22:31:47, 10] nsswitch/winbindd_cache.c:name_to_sid(1289)
name_to_sid: [Cached] - doing backend query for name for domain DOMAIN
[2007/12/06 22:31:47, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(257)
rpc: name_to_sid name=DOMAIN\inetuser
[2007/12/06 22:31:47, 3] nsswitch/winbindd_rpc.c:msrpc_name_to_sid(265)
name_to_sid [rpc] DOMAIN\inetuser for domain DOMAIN
[2007/12/06 22:31:47, 5] rpc_parse/parse_lsa.c:init_q_lookup_names(1567)
init_q_lookup_names
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_q_lookup_names
[2007/12/06 22:31:47, 6] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_pol_hnd
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 data1: 00000000
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 data2: caad6fba
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 data3: 1c36
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a data4: 4165
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8s(855)
000c data5: 88 f9 e7 83 e5 86 10 6b
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0014 num_entries : 00000001
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 num_entries2 : 00000001
[2007/12/06 22:31:47, 6] rpc_parse/parse_prs.c:prs_debug(84)
00001c smb_io_unihdr hdr_name
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001c uni_str_len: 0028
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
001e uni_max_len: 0028
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 buffer : 00000001
[2007/12/06 22:31:47, 6] rpc_parse/parse_prs.c:prs_debug(84)
000024 smb_io_unistr2 dom_name
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 uni_max_len: 00000014
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 offset : 00000000
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
002c uni_str_len: 00000014
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
0030 buffer : D.A.T.A.S.Y.S.T.E.M.E.\.i.n.e.t.u.s.e.r.
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0058 num_trans_entries : 00000000
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
005c ptr_trans_sids : 00000000
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0060 lookup_level : 0001
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 mapped_count : 00000000
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr hdr
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 0098
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 0000000b
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_req hdr_req
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000068
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 opnum : 000e
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_debug(84)
000080 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0080 auth_type : 09
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0081 auth_level : 06
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0082 auth_pad_len : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0083 auth_reserved: 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0084 auth_context_id: 00000001
[2007/12/06 22:31:47, 10] libsmb/ntlmssp_sign.c:ntlmssp_seal_packet(249)
ntlmssp_seal_data: seal
[2007/12/06 22:31:47, 5] rpc_client/cli_pipe.c:rpc_api_pipe(770)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17
[2007/12/06 22:31:47, 5] lib/util.c:show_msg(485)
[2007/12/06 22:31:47, 5] lib/util.c:show_msg(495)
size=234
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
--
[2007/12/06 22:31:47, 10] lib/util.c:dump_data(2222)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 98 00 10 00 0B 00 00 00 68 ........ .......h
[020] 00 00 00 00 00 0E 00 F6 5D 86 91 71 68 06 5C 95 .......? ]..qh.\.
[030] 32 3D 72 C6 53 95 05 DB 40 9B 92 64 59 F4 A4 5A 2=r?S..? @..dY??Z
[040] 82 E8 65 FD 08 6D B1 B8 8A 6D 6F CB 74 CA DA E6 .?e?.m?? .mo?t???
[050] 26 AE A9 D3 8B 2A 8D 9B 8D 83 CA 63 29 7B 97 5B &???.*.. ..?c){.[
--
[2007/12/06 22:31:47, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 28
[2007/12/06 22:31:47, 10] libsmb/smb_signing.c:client_sign_outgoing_message(348)
client_sign_outgoing_message: sent SMB signature of
[2007/12/06 22:31:47, 10] lib/util.c:dump_data(2222)
[000] DF ED 74 17 0F F9 29 41 ??t..?)A
[2007/12/06 22:31:47, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 29 mid = 16
[2007/12/06 22:31:47, 6] libsmb/clientgen.c:write_socket(132)
write_socket(17,238)
[2007/12/06 22:31:47, 6] libsmb/clientgen.c:write_socket(135)
write_socket(17,238) wrote 238
[2007/12/06 22:31:47, 10] lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 232
[2007/12/06 22:31:47, 5] lib/util.c:show_msg(485)
[2007/12/06 22:31:47, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:31:47, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 0B 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 5F AD B6 ED CD B0 04 ........ ._?????.
[020] 9C FD 70 E6 53 80 7F 22 0D 82 A6 63 7B 48 3D 53 .?p?S.." ..?c{H=S
[030] FB 03 2E 61 05 8D 44 21 8F 3A 5B 8E F0 E2 11 CA ?..a..D! .:[.??.?
[040] 75 ED B0 55 B1 83 2B C4 F7 58 CE A6 2B D2 BA 66 u??U?.+? ?X??+??f
[050] 79 63 30 A1 F7 7C E3 B0 F7 62 77 97 FD 3F 32 6C yc0??|?? ?bw.??2l
--
[2007/12/06 22:31:47, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 29 mid = 16
[2007/12/06 22:31:47, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 29
[2007/12/06 22:31:47, 10] libsmb/smb_signing.c:client_check_incoming_message(428)
client_check_incoming_message: seq 29: got good SMB signature of
[2007/12/06 22:31:47, 10] lib/util.c:dump_data(2222)
[000] 64 FE 72 3E D7 DF 77 1F d?r>??w.
[2007/12/06 22:31:47, 5] lib/util.c:show_msg(485)
[2007/12/06 22:31:47, 5] lib/util.c:show_msg(495)
size=232
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
--
[2007/12/06 22:31:47, 10] lib/util.c:dump_data(2222)
[000] 00 05 00 02 03 10 00 00 00 B0 00 10 00 0B 00 00 ........ .?......
[010] 00 80 00 00 00 00 00 00 00 5F AD B6 ED CD B0 04 ........ ._?????.
[020] 9C FD 70 E6 53 80 7F 22 0D 82 A6 63 7B 48 3D 53 .?p?S.." ..?c{H=S
[030] FB 03 2E 61 05 8D 44 21 8F 3A 5B 8E F0 E2 11 CA ?..a..D! .:[.??.?
[040] 75 ED B0 55 B1 83 2B C4 F7 58 CE A6 2B D2 BA 66 u??U?.+? ?X??+??f
[050] 79 63 30 A1 F7 7C E3 B0 F7 62 77 97 FD 3F 32 6C yc0??|?? ?bw.??2l
--
[2007/12/06 22:31:47, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 29 mid = 16
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_rpc_hdr rpc_hdr
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0000 major : 05
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0001 minor : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0002 pkt_type : 02
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0003 flags : 03
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0004 pack_type0: 10
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0005 pack_type1: 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0006 pack_type2: 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0007 pack_type3: 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0008 frag_len : 00b0
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
000a auth_len : 0010
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c call_id : 0000000b
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_debug(84)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 alloc_hint: 00000080
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 context_id: 0000
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0016 cancel_ct : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0017 reserved : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_debug(84)
000098 smb_io_rpc_hdr_auth hdr_auth
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0098 auth_type : 09
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0099 auth_level : 06
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009a auth_pad_len : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
009b auth_reserved: 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
009c auth_context_id: 00000001
[2007/12/06 22:31:47, 10] libsmb/ntlmssp_sign.c:ntlmssp_unseal_packet(310)
ntlmssp_unseal_data: seal
[2007/12/06 22:31:47, 10] libsmb/ntlmssp_sign.c:ntlmssp_check_packet(223)
ntlmssp_check_packet: NTLMSSP signature OK !
[2007/12/06 22:31:47, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(577)
cli_pipe_validate_current_pdu: got pdu len 176, data_len 128, ss_len 0
[2007/12/06 22:31:47, 10] rpc_client/cli_pipe.c:rpc_api_pipe(843)
rpc_api_pipe: got PDU len of 176 at offset 0
[2007/12/06 22:31:47, 10] rpc_client/cli_pipe.c:rpc_api_pipe(894)
rpc_api_pipe: Remote machine ADS1 pipe \lsarpc fnum 0x17 returned 256 bytes.
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 lsa_io_r_lookup_names
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0000 ptr_dom_ref: 00020000
[2007/12/06 22:31:47, 6] rpc_parse/parse_prs.c:prs_debug(84)
000004 lsa_io_dom_r_ref
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0004 num_ref_doms_1: 00000001
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0008 ptr_ref_dom : 00020004
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
000c max_entries : 00000020
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0010 num_ref_doms_2: 00000001
[2007/12/06 22:31:47, 7] rpc_parse/parse_prs.c:prs_debug(84)
000014 smb_io_unihdr dom_ref[0]
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0014 uni_str_len: 0016
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
0016 uni_max_len: 0018
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0018 buffer : 00020008
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
001c sid_ptr[0] : 0002000c
[2007/12/06 22:31:47, 7] rpc_parse/parse_prs.c:prs_debug(84)
000020 smb_io_unistr2 dom_ref[0]
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0020 uni_max_len: 0000000c
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0024 offset : 00000000
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0028 uni_str_len: 0000000b
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:dbg_rw_punival(940)
002c buffer : D.A.T.A.S.Y.S.T.E.M.E.
[2007/12/06 22:31:47, 7] rpc_parse/parse_prs.c:prs_debug(84)
000044 smb_io_dom_sid2 sid_ptr[0]
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0044 num_auths: 00000004
[2007/12/06 22:31:47, 8] rpc_parse/parse_prs.c:prs_debug(84)
000048 smb_io_dom_sid sid
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0048 sid_rev_num: 01
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
0049 num_auths : 04
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004a id_auth[0] : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004b id_auth[1] : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004c id_auth[2] : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004d id_auth[3] : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004e id_auth[4] : 00
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint8(615)
004f id_auth[5] : 05
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32s(995)
0050 sub_auths : 00000015 2229ff1e 2f3535b1 6d2086cd
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0060 num_entries: 00000001
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0064 ptr_entries: 00020010
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0068 num_entries2: 00000001
[2007/12/06 22:31:47, 6] rpc_parse/parse_prs.c:prs_debug(84)
00006c smb_io_dom_rid
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint16(679)
006c type : 0002
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0070 rid : 000004cb
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0074 rid_idx: 00000000
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_uint32(708)
0078 mapped_count: 00000001
[2007/12/06 22:31:47, 5] rpc_parse/parse_prs.c:prs_ntstatus(767)
007c status : NT_STATUS_OK
[2007/12/06 22:31:47, 10] nsswitch/winbindd_cache.c:fetch_cache_seqnum(362)
fetch_cache_seqnum: timeout [DOMAIN][3120807 @ 1196976656]
[2007/12/06 22:31:47, 3] nsswitch/winbindd_ads.c:sequence_number(1018)
ads: fetch sequence_number for DOMAIN
[2007/12/06 22:31:47, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:31:47, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196976707
[2007/12/06 22:31:47, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:31:47, 10] nsswitch/winbindd_cache.c:store_cache_seqnum(400)
store_cache_seqnum: success [DOMAIN][3120807 @ 1196976707]
[2007/12/06 22:31:47, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120807
[2007/12/06 22:31:47, 10] nsswitch/winbindd_cache.c:wcache_save_name_to_sid(764)
wcache_save_name_to_sid: DOMAIN\INETUSER -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:31:47, 10] nsswitch/winbindd_cache.c:wcache_save_sid_to_name(787)
wcache_save_sid_to_name: S-1-5-21-573177630-792016305-1830848205-1227 -> inetuser
[2007/12/06 22:31:47, 10] sam/idmap_util.c:idmap_sid_to_gid(99)
sid_to_gid: sid = [S-1-5-21-573177630-792016305-1830848205-1227]
[2007/12/06 22:31:47, 10] sam/idmap_tdb.c:db_get_id_from_sid(277)
db_get_id_from_sid
[2007/12/06 22:31:47, 10] sam/idmap_tdb.c:internal_get_id_from_sid(183)
internal_get_id_from_sid: fetching record S-1-5-21-573177630-792016305-1830848205-1227 of type 0x2
[2007/12/06 22:31:47, 10] sam/idmap_tdb.c:internal_get_id_from_sid(190)
internal_get_id_from_sid: record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:31:47, 10] sam/idmap_tdb.c:internal_get_id_from_sid(224)
internal_get_id_from_sid: ID_GROUPID fetching record S-1-5-21-573177630-792016305-1830848205-1227 -> GID 3000
[2007/12/06 22:31:47, 10] sam/idmap_tdb.c:internal_get_sid_from_id(152)
internal_get_sid_from_id: fetching record GID 3000
[2007/12/06 22:31:47, 10] sam/idmap_tdb.c:internal_get_sid_from_id(158)
internal_get_sid_from_id: fetching record GID 3000 -> S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:31:47, 10] sam/idmap_util.c:idmap_sid_to_gid(107)
idmap_sid_to_gid: gid = [3000]
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(79)
group SID S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:31:47, 10] nsswitch/winbindd_cache.c:lookup_groupmem(1665)
lookup_groupmem: [Cached] - doing backend query for info for domain DOMAIN
[2007/12/06 22:31:47, 10] nsswitch/winbindd_ads.c:lookup_groupmem(879)
ads: lookup_groupmem DOMAIN sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:31:47, 10] nsswitch/winbindd_ads.c:ads_cached_connection(43)
ads_cached_connection
[2007/12/06 22:31:47, 7] nsswitch/winbindd_ads.c:ads_cached_connection(51)
Current tickets expire at 1197010868, time is now 1196976707
[2007/12/06 22:31:47, 10] nsswitch/winbindd_ads.c:lookup_groupmem(919)
Searching for attrs[0] = member, attrs[1] = usnChanged
[2007/12/06 22:31:47, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\1E\FF\29\22\B1\35\35\2F\CD\86\20\6D\CB\04\00\00) gave 1 replies
[2007/12/06 22:31:47, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:31:47, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:31:47, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:31:47, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:31:47, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:31:47, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:31:47, 3] nsswitch/winbindd_ads.c:dn_lookup(421)
ads: dn_lookup
[2007/12/06 22:31:47, 5] libads/ldap_utils.c:ads_do_search_retry_internal(63)
Search for (objectclass=*) gave 1 replies
[2007/12/06 22:31:47, 3] nsswitch/winbindd_ads.c:lookup_groupmem(1003)
ads lookup_groupmem for sid=S-1-5-21-573177630-792016305-1830848205-1227
[2007/12/06 22:31:47, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(430)
refresh_sequence_number: DOMAIN time ok
[2007/12/06 22:31:47, 10] nsswitch/winbindd_cache.c:refresh_sequence_number(459)
refresh_sequence_number: DOMAIN seq number is now 3120807
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(111)
looked up 4 names
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
kids S-1-5-21-573177630-792016305-1830848205-1621 1
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
UserA S-1-5-21-573177630-792016305-1830848205-1235 1
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
karen S-1-5-21-573177630-792016305-1830848205-1127 1
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(117)
ab S-1-5-21-573177630-792016305-1830848205-1125 1
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 5 = 5
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name UserA
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 6 = 11
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 6 = 17
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(158)
buf_len + 3 = 20
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name kids
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending kids at ndx 4
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name UserA
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending usera at ndx 5
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name karen
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending karen at ndx 5
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(134)
processing name ab
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(160)
appending ab at ndx 2
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(188)
num_mem = 4, len = 20, mem = kids,usera,karen,ab
[2007/12/06 22:31:47, 10] nsswitch/winbindd_group.c:fill_grent_mem(195)
fill_grent_mem returning 1
[2007/12/06 22:36:17, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2006)
Retrieving response for pid 20530
[2007/12/06 22:36:17, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(2028)
Retrieving extra data length=64
[2007/12/06 22:39:12, 6] nsswitch/winbindd.c:new_connection(601)
More information about the Pkg-samba-maint
mailing list