root@zalupa:~# /usr/sbin/smbd -F -S --no-process-group -d10
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
smbd version 4.14.12 started.
Copyright Andrew Tridgell and the Samba Team 1992-2021
uid=0 gid=0 euid=0 egid=0
Paths:
SBINDIR: /usr/sbin
BINDIR: /usr/bin
CONFIGFILE: /etc/samba/smb.conf
LOGFILEBASE: /var/log
LMHOSTSFILE: /etc/samba/lmhosts
LIBDIR: /usr/lib
DATADIR: /usr/share
SAMBA_DATADIR: /usr/share/samba
MODULESDIR: /usr/lib/samba
SHLIBEXT: so
LOCKDIR: /var/lock
STATEDIR: /var/lib/samba
CACHEDIR: /var/cache/samba
PIDDIR: /var/run
SMB_PASSWD_FILE: /etc/samba/smbpasswd
PRIVATE_DIR: /etc/samba
BINDDNS_DIR: /var/lib/samba/bind-dns
System Headers:
HAVE_SYS_ACL_H
HAVE_SYS_AUXV_H
HAVE_SYS_CAPABILITY_H
HAVE_SYS_DIR_H
HAVE_SYS_EPOLL_H
HAVE_SYS_EVENTFD_H
HAVE_SYS_FCNTL_H
HAVE_SYS_FILE_H
HAVE_SYS_INOTIFY_H
HAVE_SYS_IOCTL_H
HAVE_SYS_IPC_H
HAVE_SYS_KERNEL_PROC_CORE_PATTERN
HAVE_SYS_MMAN_H
HAVE_SYS_MOUNT_H
HAVE_SYS_PARAM_H
HAVE_SYS_PRCTL_H
HAVE_SYS_RESOURCE_H
HAVE_SYS_SELECT_H
HAVE_SYS_SENDFILE_H
HAVE_SYS_SHM_H
HAVE_SYS_SOCKET_H
HAVE_SYS_STATFS_H
HAVE_SYS_STATVFS_H
HAVE_SYS_STAT_H
HAVE_SYS_STROPTS_H
HAVE_SYS_SYSCALL_H
HAVE_SYS_SYSLOG_H
HAVE_SYS_SYSMACROS_H
HAVE_SYS_TERMIOS_H
HAVE_SYS_TIMEB_H
HAVE_SYS_TIMES_H
HAVE_SYS_TIME_H
HAVE_SYS_TYPES_H
HAVE_SYS_UCONTEXT_H
HAVE_SYS_UIO_H
HAVE_SYS_UN_H
HAVE_SYS_UTSNAME_H
HAVE_SYS_VFS_H
HAVE_SYS_WAIT_H
HAVE_SYS_XATTR_H
Headers:
HAVE_ACL_LIBACL_H
HAVE_ALLOCA_H
HAVE_ARPA_INET_H
HAVE_ARPA_NAMESER_H
HAVE_ASM_TYPES_H
HAVE_ASM_UNISTD_H
HAVE_ASSERT_H
HAVE_ATTR_ATTRIBUTES_H
HAVE_COM_ERR_H
HAVE_CONFIG_H
HAVE_CRYPT_H
HAVE_CTYPE_H
HAVE_CURSES_H
HAVE_DIRENT_H
HAVE_DLFCN_H
HAVE_ENDIAN_H
HAVE_ERRNO_H
HAVE_ERR_H
HAVE_FCNTL_H
HAVE_FLOAT_H
HAVE_FNMATCH_H
HAVE_FTW_H
HAVE_GETOPT_H
HAVE_GLOB_H
HAVE_GNUTLS_GNUTLS_H
HAVE_GPFS_H
HAVE_GRP_H
HAVE_GSSAPI_GSSAPI_H
HAVE_GSSAPI_GSSAPI_KRB5_H
HAVE_GSSAPI_GSSAPI_SPNEGO_H
HAVE_ICONV_H
HAVE_IFADDRS_H
HAVE_INTTYPES_H
HAVE_KRB5_H
HAVE_KRB5_LOCATE_PLUGIN_H
HAVE_LANGINFO_H
HAVE_LASTLOG_H
HAVE_LIBGEN_H
HAVE_LIBURING_H
HAVE_LIMITS_H
HAVE_LINUX_ETHTOOL_H
HAVE_LINUX_FALLOC_H
HAVE_LINUX_FCNTL_H
HAVE_LINUX_FS_H
HAVE_LINUX_IOCTL_H
HAVE_LINUX_SOCKIOS_H
HAVE_LINUX_TYPES_H
HAVE_LOCALE_H
HAVE_MALLOC_H
HAVE_MEMORY_H
HAVE_MNTENT_H
HAVE_NETDB_H
HAVE_NETINET_IN_H
HAVE_NETINET_IN_SYSTM_H
HAVE_NETINET_IP_H
HAVE_NETINET_TCP_H
HAVE_NET_IF_H
HAVE_POLL_H
HAVE_POPT_H
HAVE_PTHREAD_H
HAVE_PTY_H
HAVE_PWD_H
HAVE_READLINE_HISTORY_H
HAVE_READLINE_READLINE_H
HAVE_RESOLV_H
HAVE_RPC_NETTYPE_H
HAVE_RPC_RPC_H
HAVE_RPC_XDR_H
HAVE_SCHED_H
HAVE_SETJMP_H
HAVE_SHADOW_H
HAVE_SIGNAL_H
HAVE_STDARG_H
HAVE_STDATOMIC_H
HAVE_STDBOOL_H
HAVE_STDDEF_H
HAVE_STDINT_H
HAVE_STDIO_H
HAVE_STDLIB_H
HAVE_STRINGS_H
HAVE_STRING_H
HAVE_STROPTS_H
HAVE_SYSCALL_H
HAVE_SYSLOG_H
HAVE_TERMCAP_H
HAVE_TERMIOS_H
HAVE_TERM_H
HAVE_TIME_H
HAVE_UNISTD_H
HAVE_UTIME_H
HAVE_ZLIB_H
UTMP Options:
HAVE_UTMPX_H
HAVE_UTMP_H
HAVE_* Defines:
HAVE_ADDR_TYPE_IN_KRB5_ADDRESS
HAVE_AP_OPTS_USE_SUBKEY
HAVE_ASPRINTF
HAVE_ATEXIT
HAVE_ATOMIC_THREAD_FENCE
HAVE_ATOMIC_THREAD_FENCE_SUPPORT
HAVE_BASENAME
HAVE_BLKCNT_T
HAVE_BLKSIZE_T
HAVE_BOOL
HAVE_BSD_STRTOLL
HAVE_BZERO
HAVE_C99_VSNPRINTF
HAVE_CAP_GET_PROC
HAVE_CHARSET_CP850
HAVE_CHARSET_UTF_8
HAVE_CHECKSUM_IN_KRB5_CHECKSUM
HAVE_CHMOD
HAVE_CHOWN
HAVE_CHROOT
HAVE_CLEARENV
HAVE_CLOCK_GETTIME
HAVE_CLOCK_MONOTONIC
HAVE_CLOCK_PROCESS_CPUTIME_ID
HAVE_CLOCK_REALTIME
HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS
HAVE_CONNECT
HAVE_CONSTRUCTOR_ATTRIBUTE
HAVE_COPY_FILE_RANGE
HAVE_CPPFUNCTION
HAVE_CRYPT
HAVE_CRYPT_R
HAVE_DECL_ASPRINTF
HAVE_DECL_DLOPEN
HAVE_DECL_EWOULDBLOCK
HAVE_DECL_FDATASYNC
HAVE_DECL_FS_COMPR_FL
HAVE_DECL_FS_IOC_GETFLAGS
HAVE_DECL_GETTIMEOFDAY
HAVE_DECL_H_ERRNO
HAVE_DECL_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE
HAVE_DECL_KRB5_GET_CREDENTIALS_FOR_USER
HAVE_DECL_MALLOC
HAVE_DECL_MEMALIGN
HAVE_DECL_PTHREAD_MUTEX_ROBUST
HAVE_DECL_READAHEAD
HAVE_DECL_RL_EVENT_HOOK
HAVE_DECL_SNPRINTF
HAVE_DECL_STRPTIME
HAVE_DECL_VASPRINTF
HAVE_DECL_VSNPRINTF
HAVE_DECL__RES
HAVE_DESTRUCTOR_ATTRIBUTE
HAVE_DES_PCBC_ENCRYPT
HAVE_DIRENT_D_OFF
HAVE_DIRFD
HAVE_DIRFD_DECL
HAVE_DIRNAME
HAVE_DISABLE_FAULT_HANDLING
HAVE_DLCLOSE
HAVE_DLERROR
HAVE_DLOPEN
HAVE_DLSYM
HAVE_DN_EXPAND
HAVE_DPRINTF
HAVE_DUP2
HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96
HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96
HAVE_ENCTYPE_ARCFOUR_HMAC
HAVE_ENCTYPE_ARCFOUR_HMAC_MD5
HAVE_ENCTYPE_ARCFOUR_HMAC_MD5_56
HAVE_ENDHOSTENT
HAVE_ENDMNTENT
HAVE_ENVIRON_DECL
HAVE_EPOLL
HAVE_EPOLL_CREATE
HAVE_ERR
HAVE_ERRNO_DECL
HAVE_ERRX
HAVE_ETHTOOL
HAVE_ETYPE_IN_ENCRYPTEDDATA
HAVE_EVENTFD
HAVE_EXECL
HAVE_E_DATA_POINTER_IN_KRB5_ERROR
HAVE_FALLOCATE
HAVE_FALLOC_FL_PUNCH_HOLE
HAVE_FALLTHROUGH_ATTRIBUTE
HAVE_FCHMOD
HAVE_FCHOWN
HAVE_FCNTL_LOCK
HAVE_FDATASYNC
HAVE_FDOPENDIR
HAVE_FLAGS_IN_KRB5_CREDS
HAVE_FLOCK
HAVE_FMEMOPEN
HAVE_FREEADDRINFO
HAVE_FREEIFADDRS
HAVE_FREE_CHECKSUM
HAVE_FRSIZE
HAVE_FSEEKO
HAVE_FSID_INT
HAVE_FSTATAT
HAVE_FSYNC
HAVE_FTRUNCATE
HAVE_FTRUNCATE_EXTEND
HAVE_FUNCTION_MACRO
HAVE_FUTIMENS
HAVE_FUTIMES
HAVE_F_OWNER_EX
HAVE_F_SETLEASE_DECL
HAVE_GAI_STRERROR
HAVE_GCC_VOLATILE_MEMORY_PROTECTION
HAVE_GETADDRINFO
HAVE_GETAUXVAL
HAVE_GETCWD
HAVE_GETGRENT
HAVE_GETGRGID_R
HAVE_GETGRNAM
HAVE_GETGRNAM_R
HAVE_GETGROUPLIST
HAVE_GETHOSTBYADDR
HAVE_GETHOSTBYNAME
HAVE_GETHOSTBYNAME_R
HAVE_GETHOSTENT
HAVE_GETHOSTNAME
HAVE_GETIFADDRS
HAVE_GETMNTENT
HAVE_GETNAMEINFO
HAVE_GETPAGESIZE
HAVE_GETPGRP
HAVE_GETPWNAM
HAVE_GETPWNAM_R
HAVE_GETPWUID_R
HAVE_GETRLIMIT
HAVE_GETSPNAM
HAVE_GETTIMEOFDAY_TZ_VOID
HAVE_GETXATTR
HAVE_GET_CURRENT_DIR_NAME
HAVE_GLOB
HAVE_GNUTLS
HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2
HAVE_GNUTLS_AES_CFB8
HAVE_GNUTLS_AES_CMAC
HAVE_GNUTLS_CRYPTO_POLICIES
HAVE_GNUTLS_GET_SYSTEM_CONFIG_FILE
HAVE_GNUTLS_PKCS7_GET_EMBEDDED_DATA_OID
HAVE_GNUTLS_SET_DEFAULT_PRIORITY_APPEND
HAVE_GPFS
HAVE_GRANTPT
HAVE_GSSAPI
HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT
HAVE_GSSKRB5_GET_SUBKEY
HAVE_GSS_DISPLAY_STATUS
HAVE_GSS_EXPORT_CRED
HAVE_GSS_IMPORT_CRED
HAVE_GSS_INQUIRE_SEC_CONTEXT_BY_OID
HAVE_GSS_KRB5_CRED_NO_CI_FLAGS_X
HAVE_GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT
HAVE_GSS_KRB5_IMPORT_CRED
HAVE_GSS_OID_EQUAL
HAVE_GSS_WRAP_IOV
HAVE_HISTORY_LIST
HAVE_HSTRERROR
HAVE_H_ERRNO
HAVE_ICONV_ERRNO_ILLEGAL_MULTIBYTE
HAVE_ICONV_OPEN
HAVE_IF_NAMETOINDEX
HAVE_IMMEDIATE_STRUCTURES
HAVE_INET_ATON
HAVE_INET_NTOA
HAVE_INET_NTOP
HAVE_INET_PTON
HAVE_INITGROUPS
HAVE_INITIALIZE_KRB5_ERROR_TABLE
HAVE_INOTIFY
HAVE_INOTIFY_INIT
HAVE_INO_T
HAVE_INT16_T
HAVE_INT32_T
HAVE_INT64_T
HAVE_INT8_T
HAVE_INTPTR_T
HAVE_IO_URING_RING_DONTFORK
HAVE_IPV6
HAVE_IPV6_V6ONLY
HAVE_ISATTY
HAVE_KERNEL_OPLOCKS_LINUX
HAVE_KERNEL_SHARE_MODES
HAVE_KRB5
HAVE_KRB5_ADDRESSES
HAVE_KRB5_AUTH_CON_SETKEY
HAVE_KRB5_CC_COPY_CACHE
HAVE_KRB5_CC_GET_LIFETIME
HAVE_KRB5_CONFIG_GET_BOOL_DEFAULT
HAVE_KRB5_CREATE_CHECKSUM
HAVE_KRB5_CRYPTO
HAVE_KRB5_CRYPTO_DESTROY
HAVE_KRB5_CRYPTO_INIT
HAVE_KRB5_C_VERIFY_CHECKSUM
HAVE_KRB5_DATA_COPY
HAVE_KRB5_ENCTYPE_TO_STRING
HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG
HAVE_KRB5_FREE_ERROR_CONTENTS
HAVE_KRB5_FREE_HOST_REALM
HAVE_KRB5_FWD_TGT_CREDS
HAVE_KRB5_GET_CREDS
HAVE_KRB5_GET_CREDS_OPT_ALLOC
HAVE_KRB5_GET_CREDS_OPT_SET_IMPERSONATE
HAVE_KRB5_GET_DEFAULT_IN_TKT_ETYPES
HAVE_KRB5_GET_HOST_REALM
HAVE_KRB5_GET_INIT_CREDS_KEYBLOCK
HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC
HAVE_KRB5_GET_INIT_CREDS_OPT_FREE
HAVE_KRB5_GET_INIT_CREDS_OPT_GET_ERROR
HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PAC_REQUEST
HAVE_KRB5_GET_PW_SALT
HAVE_KRB5_GET_RENEWED_CREDS
HAVE_KRB5_KEYBLOCK_INIT
HAVE_KRB5_KEYBLOCK_KEYVALUE
HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK
HAVE_KRB5_KRBHST_GET_ADDRINFO
HAVE_KRB5_KRBHST_INIT
HAVE_KRB5_KT_COMPARE
HAVE_KRB5_KT_FREE_ENTRY
HAVE_KRB5_KU_OTHER_CKSUM
HAVE_KRB5_MAKE_PRINCIPAL
HAVE_KRB5_MK_REQ_EXTENDED
HAVE_KRB5_PDU_NONE_DECL
HAVE_KRB5_PRINCIPAL_COMPARE_ANY_REALM
HAVE_KRB5_PRINCIPAL_GET_COMP_STRING
HAVE_KRB5_PRINCIPAL_GET_NUM_COMP
HAVE_KRB5_PRINCIPAL_GET_REALM
HAVE_KRB5_PRINCIPAL_GET_TYPE
HAVE_KRB5_PRINCIPAL_SET_REALM
HAVE_KRB5_PRINCIPAL_SET_TYPE
HAVE_KRB5_PROMPT_TYPE
HAVE_KRB5_REALM_TYPE
HAVE_KRB5_SET_DEFAULT_IN_TKT_ETYPES
HAVE_KRB5_SET_REAL_TIME
HAVE_KRB5_STRING_TO_KEY
HAVE_KRB5_STRING_TO_KEY_SALT
HAVE_KRB5_WARNX
HAVE_KRB_STRUCT_WINSIZE
HAVE_LARGEFILE
HAVE_LCHOWN
HAVE_LDWRAP
HAVE_LIBCAP
HAVE_LIBCRYPT
HAVE_LIBCRYPTO
HAVE_LIBKRB5
HAVE_LIBNCURSES
HAVE_LIBPOPT
HAVE_LIBREADLINE
HAVE_LIBREPLACE
HAVE_LIBRESOLV
HAVE_LIBTASN1
HAVE_LIBURING
HAVE_LIBZ
HAVE_LINK
HAVE_LINUX_FALLOCATE
HAVE_LINUX_INOTIFY
HAVE_LINUX_IOCTL
HAVE_LINUX_READAHEAD
HAVE_LINUX_SPLICE
HAVE_LINUX_THREAD_CREDENTIALS
HAVE_LITTLE_ENDIAN
HAVE_LONGJMP
HAVE_LONG_LONG
HAVE_LSEEK_HOLE_DATA
HAVE_LSTAT
HAVE_LUTIMES
HAVE_MAKEDEV
HAVE_MEMALIGN
HAVE_MEMCPY
HAVE_MEMMEM
HAVE_MEMMOVE
HAVE_MEMSET
HAVE_MKDIR_MODE
HAVE_MKDTEMP
HAVE_MKNOD
HAVE_MKNODAT
HAVE_MKTIME
HAVE_MLOCK
HAVE_MLOCKALL
HAVE_MMAP
HAVE_MREMAP
HAVE_MUNLOCK
HAVE_MUNLOCKALL
HAVE_NATIVE_ICONV
HAVE_NEW_LIBREADLINE
HAVE_NFTW
HAVE_OPENAT
HAVE_OPENPTY
HAVE_OPEN_O_DIRECT
HAVE_PATHCONF
HAVE_PEERCRED
HAVE_PIPE
HAVE_POLL
HAVE_POPT
HAVE_POPTGETCONTEXT
HAVE_POSIX_CAPABILITIES
HAVE_POSIX_FADVISE
HAVE_POSIX_FALLOCATE
HAVE_POSIX_MEMALIGN
HAVE_POSIX_OPENPT
HAVE_PRCTL
HAVE_PREAD
HAVE_PREAD_DECL
HAVE_PRINTF
HAVE_PROGRAM_INVOCATION_SHORT_NAME
HAVE_PTHREAD
HAVE_PTHREAD_ATTR_INIT
HAVE_PTHREAD_CREATE
HAVE_PTHREAD_MUTEXATTR_SETROBUST
HAVE_PTHREAD_MUTEX_CONSISTENT
HAVE_PTRDIFF_T
HAVE_PUTENV
HAVE_PWRITE
HAVE_PWRITE_DECL
HAVE_RAND
HAVE_RANDOM
HAVE_READAHEAD_DECL
HAVE_READLINK
HAVE_READV
HAVE_REALPATH
HAVE_RENAME
HAVE_RES_SEARCH
HAVE_RL_COMPLETION_MATCHES
HAVE_ROBUST_MUTEXES
HAVE_SA_FAMILY_T
HAVE_SA_SIGINFO_DECL
HAVE_SECURE_MKSTEMP
HAVE_SELECT
HAVE_SENDFILE
HAVE_SENDMSG
HAVE_SETBUFFER
HAVE_SETEGID
HAVE_SETENV
HAVE_SETENV_DECL
HAVE_SETEUID
HAVE_SETGID
HAVE_SETGROUPS
HAVE_SETHOSTENT
HAVE_SETITIMER
HAVE_SETLINEBUF
HAVE_SETLOCALE
HAVE_SETMNTENT
HAVE_SETPGID
HAVE_SETREGID
HAVE_SETRESGID
HAVE_SETRESGID_DECL
HAVE_SETRESUID
HAVE_SETRESUID_DECL
HAVE_SETREUID
HAVE_SETSID
HAVE_SETUID
HAVE_SHARED_MMAP
HAVE_SIGACTION
HAVE_SIGLONGJMP
HAVE_SIGPROCMASK
HAVE_SIGSET
HAVE_SIG_ATOMIC_T_TYPE
HAVE_SIMPLE_C_PROG
HAVE_SIZE_T
HAVE_SNPRINTF
HAVE_SOCKET
HAVE_SOCKETPAIR
HAVE_SOCKLEN_T
HAVE_SPLICE_DECL
HAVE_SRAND
HAVE_SRANDOM
HAVE_SSIZE_T
HAVE_SS_FAMILY
HAVE_STATFS_F_FSID
HAVE_STATVFS
HAVE_STATVFS_F_FLAG
HAVE_STAT_HIRES_TIMESTAMPS
HAVE_STAT_ST_BLKSIZE
HAVE_STAT_ST_BLOCKS
HAVE_STRCASECMP
HAVE_STRCASESTR
HAVE_STRCHR
HAVE_STRCPY
HAVE_STRDUP
HAVE_STRERROR
HAVE_STRERROR_R
HAVE_STRFTIME
HAVE_STRLCAT
HAVE_STRLCPY
HAVE_STRNCASECMP
HAVE_STRNCPY
HAVE_STRNDUP
HAVE_STRNLEN
HAVE_STRPBRK
HAVE_STRPTIME
HAVE_STRSEP
HAVE_STRSIGNAL
HAVE_STRTOK_R
HAVE_STRTOL
HAVE_STRTOLL
HAVE_STRTOULL
HAVE_STRUCT_ADDRINFO
HAVE_STRUCT_IFADDRS
HAVE_STRUCT_MSGHDR_MSG_CONTROL
HAVE_STRUCT_SIGEVENT
HAVE_STRUCT_SIGEVENT_SIGEV_VALUE_SIVAL_PTR
HAVE_STRUCT_SOCKADDR
HAVE_STRUCT_SOCKADDR_IN6
HAVE_STRUCT_SOCKADDR_STORAGE
HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC
HAVE_STRUCT_STAT_ST_RDEV
HAVE_STRUCT_TIMESPEC
HAVE_STRUCT_WINSIZE
HAVE_ST_RDEV
HAVE_SWAB
HAVE_SYMLINK
HAVE_SYSCALL
HAVE_SYSCONF
HAVE_SYSLOG
HAVE_TGETENT
HAVE_TIMEGM
HAVE_TIRPC
HAVE_UCONTEXT_T
HAVE_UINT16_T
HAVE_UINT32_T
HAVE_UINT64_T
HAVE_UINT8_T
HAVE_UINTPTR_T
HAVE_UMASK
HAVE_UNAME
HAVE_UNIXSOCKET
HAVE_UNSETENV
HAVE_UNSHARE_CLONE_FS
HAVE_URING
HAVE_USLEEP
HAVE_UTIMBUF
HAVE_UTIME
HAVE_UTIMENSAT
HAVE_UTIMES
HAVE_U_CHAR
HAVE_U_INT32_T
HAVE_VASPRINTF
HAVE_VA_COPY
HAVE_VDPRINTF
HAVE_VISIBILITY_ATTR
HAVE_VOLATILE
HAVE_VSNPRINTF
HAVE_VSYSLOG
HAVE_WAIT4
HAVE_WAITPID
HAVE_WARN
HAVE_WARNX
HAVE_WNO_FORMAT_TRUNCATION
HAVE_WNO_STRICT_OVERFLOW
HAVE_WNO_UNUSED_FUNCTION
HAVE_WRITEV
HAVE_WS_XPIXEL
HAVE_WS_YPIXEL
HAVE_XATTR_SUPPORT
HAVE_XATTR_XATTR
HAVE_ZLIB
HAVE__Bool
HAVE__RES
HAVE__VA_ARGS__MACRO
HAVE___ATTRIBUTE__
HAVE___SYNC_FETCH_AND_ADD
HAVE___THREAD
--with Options:
WITH_PTHREADPOOL
WITH_SYSLOG
Build Options:
BOOL_DEFINED
BROKEN_NISPLUS_INCLUDE_FILES
COMPILER_SUPPORTS_LL
CONFIG_H_IS_FROM_SAMBA
DEFAULT_DOS_CHARSET
DEFAULT_UNIX_CHARSET
GETCWD_TAKES_NULL
INLINE_MACRO
KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT
KRB5_PRINC_REALM_RETURNS_REALM
LIBREPLACE_NETWORK_CHECKS
LINUX
LINUX_SENDFILE_API
REALPATH_TAKES_NULL
RETSIGTYPE
SAMBA4_USES_HEIMDAL
SEEKDIR_RETURNS_VOID
SHLIBEXT
SIZEOF_BLKCNT_T_8
SIZEOF_BOOL
SIZEOF_CHAR
SIZEOF_DEV_T
SIZEOF_INO_T
SIZEOF_INT
SIZEOF_INT16_T
SIZEOF_INT32_T
SIZEOF_INT64_T
SIZEOF_INT8_T
SIZEOF_LONG
SIZEOF_LONG_LONG
SIZEOF_OFF_T
SIZEOF_SHORT
SIZEOF_SIZE_T
SIZEOF_SSIZE_T
SIZEOF_TIME_T
SIZEOF_UINT16_T
SIZEOF_UINT32_T
SIZEOF_UINT64_T
SIZEOF_UINT8_T
SIZEOF_VOID_P
SRCDIR
STAT_STATVFS
STAT_ST_BLOCKSIZE
STDC_HEADERS
STRERROR_R_XSI_NOT_GNU
STRING_SHARED_MODULES
STRING_STATIC_MODULES
SUMMARY_PASSES
SYSCONF_SC_NGROUPS_MAX
SYSCONF_SC_NPROCESSORS_ONLN
SYSCONF_SC_PAGESIZE
SYSTEM_UNAME_MACHINE
SYSTEM_UNAME_RELEASE
SYSTEM_UNAME_SYSNAME
SYSTEM_UNAME_VERSION
TALLOC_BUILD_VERSION_MAJOR
TALLOC_BUILD_VERSION_MINOR
TALLOC_BUILD_VERSION_RELEASE
TEVENT_NUM_SIGNALS
TIME_WITH_SYS_TIME
USE_COPY_FILE_RANGE
USE_LINUX_32BIT_SYSCALLS
USE_TDB_MUTEX_LOCKING
USING_SYSTEM_ASN1_COMPILE
USING_SYSTEM_COMPILE_ET
USING_SYSTEM_POPT
VALUEOF_GNUTLS_CIPHER_AES_128_CFB8
VALUEOF_GNUTLS_MAC_AES_CMAC_128
VALUEOF_NSIG
VALUEOF_SIGRTMAX
VALUEOF_SIGRTMIN
VALUEOF__NSIG
VOID_RETSIGTYPE
WINEXE_LDFLAGS
_GNU_SOURCE
_HAVE_SENDFILE
_POSIX_FALLOCATE_CAPABLE_LIBC
_SAMBA_BUILD_
_XOPEN_SOURCE_EXTENDED
auth_script_init
loff_t
offset_t
static_decl_auth
static_decl_charset
static_decl_gpext
static_decl_idmap
static_decl_nss_info
static_decl_pdb
static_decl_perfcount
static_decl_rpc
static_decl_vfs
static_init_auth
static_init_charset
static_init_gpext
static_init_idmap
static_init_nss_info
static_init_pdb
static_init_perfcount
static_init_rpc
static_init_vfs
uint_t
vfs_io_uring_init
Cluster support features:
NONE
Type sizes:
sizeof(char): 1
sizeof(int): 4
sizeof(long): 4
sizeof(long long): 8
sizeof(uint8_t): 1
sizeof(uint16_t): 2
sizeof(uint32_t): 4
sizeof(short): 2
sizeof(void*): 4
sizeof(size_t): 4
sizeof(off_t): 8
sizeof(ino_t): 8
sizeof(dev_t): 8
Builtin modules:
vfs_default vfs_not_implemented auth_builtin auth_sam auth_unix pdb_smbpasswd pdb_tdbsam
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
Processing section "[global]"
doing parameter netbios name = zalupa
doing parameter interfaces = br-lan
doing parameter server string = SASAm
doing parameter unix charset = UTF-8
doing parameter workgroup = WORKGROUP
doing parameter log level = 2
doing parameter bind interfaces only = yes
doing parameter deadtime = 15
doing parameter enable core files = no
doing parameter security = user
doing parameter invalid users = root
doing parameter map to guest = Bad User
doing parameter null passwords = yes
lpcfg_do_global_parameter: WARNING: The "null passwords" option is deprecated
doing parameter passdb backend = smbpasswd
doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY
doing parameter load printers = No
doing parameter printcap name = /dev/null
doing parameter disable spoolss = yes
doing parameter printing = bsd
doing parameter mdns name = mdns
doing parameter veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/
doing parameter delete veto files = yes
doing parameter disable netbios = yes
doing parameter smb ports = 445
pm_process() returned Yes
lp_servicenumber: couldn't find homes
messaging_dgm_ref: messaging_dgm_init returned No error information
messaging_dgm_ref: unique = 6044760074668520570
Registering messaging pointer for type 2 - private_data=0
Registered MSG_REQ_POOL_USAGE
Registering messaging pointer for type 11 - private_data=0
Registering messaging pointer for type 12 - private_data=0
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
Registering messaging pointer for type 1 - private_data=0
Registering messaging pointer for type 5 - private_data=0
Registering messaging pointer for type 51 - private_data=0
messaging_init_internal: my id: 2812
global_dcesrv_context: Initializing DCE/RPC server context
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
lp_load_ex: refreshing parameters
Freeing parametrics:
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
Processing section "[global]"
doing parameter netbios name = zalupa
doing parameter interfaces = br-lan
doing parameter server string = SASAm
doing parameter unix charset = UTF-8
doing parameter workgroup = WORKGROUP
doing parameter log level = 2
doing parameter bind interfaces only = yes
doing parameter deadtime = 15
doing parameter enable core files = no
doing parameter security = user
doing parameter invalid users = root
doing parameter map to guest = Bad User
doing parameter null passwords = yes
lpcfg_do_global_parameter: WARNING: The "null passwords" option is deprecated
doing parameter passdb backend = smbpasswd
doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY
doing parameter load printers = No
doing parameter printcap name = /dev/null
doing parameter disable spoolss = yes
doing parameter printing = bsd
doing parameter mdns name = mdns
doing parameter veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/
doing parameter delete veto files = yes
doing parameter disable netbios = yes
doing parameter smb ports = 445
Processing section "[shr]"
add_a_service: Creating snum = 0 for shr
hash_a_service: creating servicehash
hash_a_service: hashing index 0 for service name shr
doing parameter path = /mnt/share/
doing parameter create mask = 0666
doing parameter directory mask = 0777
doing parameter read only = no
doing parameter guest ok = yes
doing parameter vfs objects = io_uring
pm_process() returned Yes
lp_servicenumber: couldn't find homes
add_a_service: Creating snum = 1 for IPC$
hash_a_service: hashing index 1 for service name IPC$
adding IPC service
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Jun 17 06:07:48 2022
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
added interface br-lan ip=fd3f:ea31:1c91::1 bcast= netmask=ffff:ffff:ffff:fff0::
added interface br-lan ip=192.168.1.250 bcast=192.168.255.255 netmask=255.255.0.0
loaded services
Netbios name list:-
my_netbios_names[0]="ZALUPA"
INFO: Profiling support unavailable in this build.
Standard input is not a socket, assuming -D option
Becoming a daemon.
Process with PID=2781 does not exist.
msg_dgm_ref_destructor: refs=0
messaging_dgm_ref: messaging_dgm_init returned No error information
messaging_dgm_ref: unique = 14244736370929279451
Registered MSG_REQ_POOL_USAGE
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_version_global.tdb
lock order: 1:/var/lock/smbXsrv_version_global.tdb 2:<none> 3:<none> 4:<none>
db_tdb_log_key: Locking key 736D62587372765F7665
db_tdb_fetch_locked_internal: Allocated locked data 0xb5e8edc0
db_tdb_log_key: Unlocking key 736D62587372765F7665
dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_version_global.tdb
smbXsrv_version_global_init
&global_blob: struct smbXsrv_version_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_version_globalU(case 0)
info0 : *
info0: struct smbXsrv_version_global0
db_rec : NULL
num_nodes : 0x00000001 (1)
nodes: ARRAY(1)
nodes: struct smbXsrv_version_node0
server_id: struct server_id
pid : 0x0000000000000afc (2812)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0xc5af7841ec53a1db (-4202007702780272165)
min_version : SMBXSRV_VERSION_0 (0)
max_version : SMBXSRV_VERSION_0 (0)
current_version : SMBXSRV_VERSION_0 (0)
pid_to_procid: messaging_dgm_get_unique failed: No such file or directory
msg_dgm_ref_destructor: refs=0
msg_dgm_ref_destructor: refs=0
messaging_dgm_ref: messaging_dgm_init returned No error information
messaging_dgm_ref: unique = 16364015521724381688
Registered MSG_REQ_POOL_USAGE
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
Registering messaging pointer for type 13 - private_data=0xb546dc80
Registering messaging pointer for type 788 - private_data=0xb546dc80
cleanupd_init: Started cleanupd pid=2815
Registering messaging pointer for type 789 - private_data=0xb5780d90
regdb_init: registry db openend. refcount reset (1)
reghook_cache_init: new tree with default ops 0xb6c0524c for key []
regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports]
regdb_unpack_values: value[0]: name[Samba Printer Port] len[2]
regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers]
regdb_unpack_values: value[0]: name[DefaultSpoolDirectory] len[70]
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
messaging_dgm_ref: messaging_dgm_init returned No error information
messaging_dgm_ref: unique = 7465991384329138126
Registered MSG_REQ_POOL_USAGE
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
Registering messaging pointer for type 794 - private_data=0xb546dd60
Registering messaging pointer for type 795 - private_data=0xb546dd60
Registering messaging pointer for type 796 - private_data=0xb546dd60
messaging_dgm_send: Sending message to 2812
regdb_unpack_values: value[0]: name[DisplayName] len[20]
regdb_unpack_values: value[1]: name[ErrorControl] len[4]
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
regdb_unpack_values: value[0]: name[DisplayName] len[20]
regdb_unpack_values: value[1]: name[ErrorControl] len[4]
reghook_cache_add: Adding ops 0xb6f34240 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6c0524c for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6c0524c for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6c0524c for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\PackageInstallation]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\PackageInstallation] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6f3426c for key [\HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6c051d0 for key [\HKLM\SOFTWARE\Samba\smbconf]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SOFTWARE\Samba\smbconf] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6f34298 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6f342c4 for key [\HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6f342f0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6f3431c for key [\HKPT]
pathtree_add: Enter
pathtree_add: Successfully added node [HKPT] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6f34348 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] to tree
pathtree_add: Exit
reghook_cache_add: Adding ops 0xb6f34374 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib]
pathtree_add: Enter
pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] to tree
pathtree_add: Exit
regdb_close: decrementing refcount (1->0)
Could not convert SID S-1-5-18 to gid, ignoring it
Security token SIDs (1):
SID[ 0]: S-1-5-18
Privileges (0xFFFFFFFFFFFFFFFF):
Privilege[ 0]: SeMachineAccountPrivilege
Privilege[ 1]: SeTakeOwnershipPrivilege
Privilege[ 2]: SeBackupPrivilege
Privilege[ 3]: SeRestorePrivilege
Privilege[ 4]: SeRemoteShutdownPrivilege
Privilege[ 5]: SePrintOperatorPrivilege
Privilege[ 6]: SeAddUsersPrivilege
Privilege[ 7]: SeDiskOperatorPrivilege
Privilege[ 8]: SeSecurityPrivilege
Privilege[ 9]: SeSystemtimePrivilege
Privilege[ 10]: SeShutdownPrivilege
Privilege[ 11]: SeDebugPrivilege
Privilege[ 12]: SeSystemEnvironmentPrivilege
Privilege[ 13]: SeSystemProfilePrivilege
Privilege[ 14]: SeProfileSingleProcessPrivilege
Privilege[ 15]: SeIncreaseBasePriorityPrivilege
Privilege[ 16]: SeLoadDriverPrivilege
Privilege[ 17]: SeCreatePagefilePrivilege
Privilege[ 18]: SeIncreaseQuotaPrivilege
Privilege[ 19]: SeChangeNotifyPrivilege
Privilege[ 20]: SeUndockPrivilege
Privilege[ 21]: SeManageVolumePrivilege
Privilege[ 22]: SeImpersonatePrivilege
Privilege[ 23]: SeCreateGlobalPrivilege
Privilege[ 24]: SeEnableDelegationPrivilege
Rights (0x 0):
UNIX token of user 0
Primary group is 0 and contains 1 supplementary groups
Group[ 0]: 0
Finding user nobody
Trying _Get_Pwnam(), username as lowercase is nobody
Get_Pwnam_internals did find user [nobody]!
Finding user nobody
Trying _Get_Pwnam(), username as lowercase is nobody
Get_Pwnam_internals did find user [nobody]!
Create local NT token for nobody
Finding user nobody
Trying _Get_Pwnam(), username as lowercase is nobody
Get_Pwnam_internals did find user [nobody]!
sys_getgrouplist: user [nobody]
Opening cache file at /var/lock/gencache.tdb
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
xid_to_sid: GID 65534 -> S-1-22-2-65534 fallback
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
Failed to fetch domain sid for WORKGROUP
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
Could not find map for sid S-1-5-32-544
create_builtin_administrators: Failed to create Administrators
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
Could not find map for sid S-1-5-32-545
create_builtin_users: Failed to create Users
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
Could not find map for sid S-1-5-32-546
create_builtin_guests: Failed to create Guests
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
get_privileges: No privileges assigned to SID [S-1-5-21-3939785350-4027435424-1589595352-501]
get_privileges: No privileges assigned to SID [S-1-5-21-3939785350-4027435424-1589595352-514]
get_privileges: No privileges assigned to SID [S-1-22-2-65534]
get_privileges_for_sids: sid = S-1-1-0
Privilege set: 0x0
get_privileges: No privileges assigned to SID [S-1-5-2]
get_privileges: No privileges assigned to SID [S-1-5-32-546]
Parsing value for key [IDMAP/SID2XID/S-1-5-21-3939785350-4027435424-1589595352-501]: value=[65534:U]
Parsing value for key [IDMAP/SID2XID/S-1-5-21-3939785350-4027435424-1589595352-501]: id=[65534], endptr=[:U]
wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
lookup_global_sam_rid: looking up RID 514.
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
smbpasswd_getsampwrid: search by sid: S-1-5-21-3939785350-4027435424-1589595352-514
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: skipping comment or blank line
getsmbfilepwent: LM password for user nobody invalidated
getsmbfilepwent: returning passwd entry for user nobody, uid 0
getsmbfilepwent: LM password for user useruser invalidated
getsmbfilepwent: returning passwd entry for user useruser, uid 65533
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
Can't find a unix id for an unmapped group
SID S-1-5-21-3939785350-4027435424-1589595352-514 belongs to our domain, but there is no corresponding object in the database.
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-21-3939785350-4027435424-1589595352-514
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
lookup_global_sam_rid: looking up RID 514.
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
smbpasswd_getsampwrid: search by sid: S-1-5-21-3939785350-4027435424-1589595352-514
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: skipping comment or blank line
getsmbfilepwent: LM password for user nobody invalidated
getsmbfilepwent: returning passwd entry for user nobody, uid 0
getsmbfilepwent: LM password for user useruser invalidated
getsmbfilepwent: returning passwd entry for user useruser, uid 65533
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
Can't find a unix id for an unmapped group
SID S-1-5-21-3939785350-4027435424-1589595352-514 belongs to our domain, but there is no corresponding object in the database.
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-21-3939785350-4027435424-1589595352-514
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-1-0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-1-0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-2
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-2
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
Could not find map for sid S-1-5-32-546
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-32-546
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
Could not find map for sid S-1-5-32-546
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-32-546
Could not convert SID S-1-5-21-3939785350-4027435424-1589595352-514 to gid, ignoring it
Could not convert SID S-1-1-0 to gid, ignoring it
Could not convert SID S-1-5-2 to gid, ignoring it
Could not convert SID S-1-5-32-546 to gid, ignoring it
Security token SIDs (7):
SID[ 0]: S-1-5-21-3939785350-4027435424-1589595352-501
SID[ 1]: S-1-5-21-3939785350-4027435424-1589595352-514
SID[ 2]: S-1-22-2-65534
SID[ 3]: S-1-1-0
SID[ 4]: S-1-5-2
SID[ 5]: S-1-5-32-546
SID[ 6]: S-1-22-1-65534
Privileges (0x 0):
Rights (0x 0):
UNIX token of user 65534
Primary group is 65534 and contains 1 supplementary groups
Group[ 0]: 65534
Finding user nobody
Trying _Get_Pwnam(), username as lowercase is nobody
Get_Pwnam_internals did find user [nobody]!
wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-7
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-7
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-1-0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-1-0
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-2
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
LEGACY: mapping failed for sid S-1-5-2
Could not convert SID S-1-5-7 to gid, ignoring it
Could not convert SID S-1-1-0 to gid, ignoring it
Could not convert SID S-1-5-2 to gid, ignoring it
sys_getgrouplist: user [nobody]
Security token SIDs (5):
SID[ 0]: S-1-5-7
SID[ 1]: S-1-1-0
SID[ 2]: S-1-5-2
SID[ 3]: S-1-22-1-65534
SID[ 4]: S-1-22-2-65534
Privileges (0x 0):
Rights (0x 0):
UNIX token of user 65534
Primary group is 65534 and contains 1 supplementary groups
Group[ 0]: 65534
dcesrv_init: Registering DCE/RPC endpoint servers
DCERPC endpoint server 'winreg' registered
DCERPC endpoint server 'srvsvc' registered
DCERPC endpoint server 'lsarpc' registered
DCERPC endpoint server 'samr' registered
DCERPC endpoint server 'netdfs' registered
DCERPC endpoint server 'dssetup' registered
DCERPC endpoint server 'wkssvc' registered
DCERPC endpoint server 'svcctl' registered
DCERPC endpoint server 'ntsvcs' registered
DCERPC endpoint server 'eventlog' registered
DCERPC endpoint server 'initshutdown' registered
dcesrv_init: Initializing DCE/RPC modules
dcesrv_init: Initializing DCE/RPC registered endpoint servers
dcesrv_interface_register: Interface 'winreg' registered on endpoint 'ncacn_np:[\pipe\winreg]' (single process required)
winreg__check_register_in_endpoint: Interface 'winreg' not registered in endpoint 'winreg' as service is embedded
dcesrv_interface_register: Interface 'winreg' registered on endpoint 'ncalrpc:' (single process required)
dcesrv_interface_register: Interface 'srvsvc' registered on endpoint 'ncacn_np:[\pipe\srvsvc]' (single process required)
srvsvc__check_register_in_endpoint: Interface 'srvsvc' not registered in endpoint 'srvsvc' as service is embedded
dcesrv_interface_register: Interface 'srvsvc' registered on endpoint 'ncalrpc:' (single process required)
dcesrv_interface_register: Interface 'lsarpc' registered on endpoint 'ncacn_np:[\pipe\netlogon]' (single process required)
dcesrv_interface_register: Interface 'lsarpc' registered on endpoint 'ncacn_np:[\pipe\lsarpc]' (single process required)
dcesrv_interface_register: Interface 'lsarpc' registered on endpoint 'ncacn_np:[\pipe\lsass]' (single process required)
lsarpc__check_register_in_endpoint: Interface 'lsarpc' not registered in endpoint 'lsarpc' as service is embedded
dcesrv_interface_register: Interface 'lsarpc' registered on endpoint 'ncalrpc:' (single process required)
dcesrv_interface_register: Interface 'samr' registered on endpoint 'ncacn_np:[\pipe\samr]' (single process required)
samr__check_register_in_endpoint: Interface 'samr' not registered in endpoint 'samr' as service is embedded
dcesrv_interface_register: Interface 'samr' registered on endpoint 'ncalrpc:' (single process required)
dcesrv_interface_register: Interface 'netdfs' registered on endpoint 'ncacn_np:[\pipe\netdfs]' (single process required)
netdfs__check_register_in_endpoint: Interface 'netdfs' not registered in endpoint 'netdfs' as service is embedded
dcesrv_interface_register: Interface 'netdfs' registered on endpoint 'ncalrpc:' (single process required)
dcesrv_interface_register: Interface 'dssetup' registered on endpoint 'ncacn_np:[\pipe\lsarpc]' (single process required)
dcesrv_interface_register: Interface 'dssetup' registered on endpoint 'ncacn_np:[\pipe\lsass]' (single process required)
dssetup__check_register_in_endpoint: Interface 'dssetup' not registered in endpoint 'dssetup' as service is embedded
dcesrv_interface_register: Interface 'dssetup' registered on endpoint 'ncalrpc:' (single process required)
dcesrv_interface_register: Interface 'wkssvc' registered on endpoint 'ncacn_np:[\pipe\wkssvc]' (single process required)
wkssvc__check_register_in_endpoint: Interface 'wkssvc' not registered in endpoint 'wkssvc' as service is embedded
dcesrv_interface_register: Interface 'wkssvc' registered on endpoint 'ncalrpc:' (single process required)
Initialise the svcctl registry keys if needed.
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
regdb_open: registry db opened. refcount reset (1)
make_internal_ncacn_conn: Create pipe requested winreg
Created internal pipe winreg
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
regkey_open_onelevel: name = [HKLM]
regdb_open: incrementing refcount (1->2)
reghook_cache_find: Searching for keyname [\HKLM]
pathtree_find: Enter [\HKLM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM]
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
result : WERR_OK
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
keyname: struct winreg_String
name_len : 0x0044 (68)
name_size : 0x0044 (68)
name : *
name : 'SYSTEM\CurrentControlSet\Services'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (2->3)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regdb_close: decrementing refcount (5->4)
regdb_close: decrementing refcount (4->3)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
result : WERR_OK
winreg_QueryInfoKey: struct winreg_QueryInfoKey
in: struct winreg_QueryInfoKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
classname : *
classname: struct winreg_String
name_len : 0x0000 (0)
name_size : 0x0000 (0)
name : NULL
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services]
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services]
winreg_QueryInfoKey: struct winreg_QueryInfoKey
out: struct winreg_QueryInfoKey
classname : *
classname: struct winreg_String
name_len : 0x0000 (0)
name_size : 0x0000 (0)
name : NULL
num_subkeys : *
num_subkeys : 0x00000007 (7)
max_subkeylen : *
max_subkeylen : 0x0000001c (28)
max_classlen : *
max_classlen : 0x00000000 (0)
num_values : *
num_values : 0x00000000 (0)
max_valnamelen : *
max_valnamelen : 0x00000002 (2)
max_valbufsize : *
max_valbufsize : 0x00000000 (0)
secdescsize : *
secdescsize : 0x00000078 (120)
last_changed_time : *
last_changed_time : NTTIME(0)
result : WERR_OK
winreg_EnumKey: struct winreg_EnumKey
in: struct winreg_EnumKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
enum_index : 0x00000000 (0)
name : *
name: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x001e (30)
name : *
name : ''
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
_winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
winreg_EnumKey: struct winreg_EnumKey
out: struct winreg_EnumKey
name : *
name: struct winreg_StringBuf
length : 0x001a (26)
size : 0x001e (30)
name : *
name : 'LanmanServer'
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
result : WERR_OK
winreg_EnumKey: struct winreg_EnumKey
in: struct winreg_EnumKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
enum_index : 0x00000001 (1)
name : *
name: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x001e (30)
name : *
name : ''
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
_winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
winreg_EnumKey: struct winreg_EnumKey
out: struct winreg_EnumKey
name : *
name: struct winreg_StringBuf
length : 0x0012 (18)
size : 0x001e (30)
name : *
name : 'Eventlog'
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
result : WERR_OK
winreg_EnumKey: struct winreg_EnumKey
in: struct winreg_EnumKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
enum_index : 0x00000002 (2)
name : *
name: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x001e (30)
name : *
name : ''
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
_winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
winreg_EnumKey: struct winreg_EnumKey
out: struct winreg_EnumKey
name : *
name: struct winreg_StringBuf
length : 0x000c (12)
size : 0x001e (30)
name : *
name : 'Tcpip'
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
result : WERR_OK
winreg_EnumKey: struct winreg_EnumKey
in: struct winreg_EnumKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
enum_index : 0x00000003 (3)
name : *
name: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x001e (30)
name : *
name : ''
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
_winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
winreg_EnumKey: struct winreg_EnumKey
out: struct winreg_EnumKey
name : *
name: struct winreg_StringBuf
length : 0x0012 (18)
size : 0x001e (30)
name : *
name : 'Netlogon'
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
result : WERR_OK
winreg_EnumKey: struct winreg_EnumKey
in: struct winreg_EnumKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
enum_index : 0x00000004 (4)
name : *
name: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x001e (30)
name : *
name : ''
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
_winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
winreg_EnumKey: struct winreg_EnumKey
out: struct winreg_EnumKey
name : *
name: struct winreg_StringBuf
length : 0x0010 (16)
size : 0x001e (30)
name : *
name : 'Spooler'
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
result : WERR_OK
winreg_EnumKey: struct winreg_EnumKey
in: struct winreg_EnumKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
enum_index : 0x00000005 (5)
name : *
name: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x001e (30)
name : *
name : ''
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
_winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
winreg_EnumKey: struct winreg_EnumKey
out: struct winreg_EnumKey
name : *
name: struct winreg_StringBuf
length : 0x001e (30)
size : 0x001e (30)
name : *
name : 'RemoteRegistry'
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
result : WERR_OK
winreg_EnumKey: struct winreg_EnumKey
in: struct winreg_EnumKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
enum_index : 0x00000006 (6)
name : *
name: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x001e (30)
name : *
name : ''
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
_winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
winreg_EnumKey: struct winreg_EnumKey
out: struct winreg_EnumKey
name : *
name: struct winreg_StringBuf
length : 0x000a (10)
size : 0x001e (30)
name : *
name : 'WINS'
keyclass : *
keyclass: struct winreg_StringBuf
length : 0x0000 (0)
size : 0x0002 (2)
name : *
name : ''
last_changed_time : *
last_changed_time : NTTIME(0)
result : WERR_OK
winreg_CreateKey: struct winreg_CreateKey
in: struct winreg_CreateKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
name: struct winreg_String
name_len : 0x0054 (84)
name_size : 0x0054 (84)
name : *
name : 'SYSTEM\CurrentControlSet\Services\Spooler'
keyclass: struct winreg_String
name_len : 0x0002 (2)
name_size : 0x0002 (2)
name : *
name : ''
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
secdesc : NULL
action_taken : *
action_taken : REG_ACTION_NONE (0)
_winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler'
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regdb_close: decrementing refcount (5->4)
regkey_open_onelevel: name = [Spooler]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
regdb_close: decrementing refcount (5->4)
winreg_CreateKey: struct winreg_CreateKey
out: struct winreg_CreateKey
new_handle : *
new_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
name: struct winreg_String
name_len : 0x000c (12)
name_size : 0x000c (12)
name : *
name : 'Start'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x02 (2)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Start]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
regdb_unpack_values: value[0]: name[Start] len[4]
regdb_unpack_values: value[1]: name[Type] len[4]
regdb_unpack_values: value[2]: name[ErrorControl] len[4]
regdb_unpack_values: value[3]: name[ObjectName] len[24]
regdb_unpack_values: value[4]: name[DisplayName] len[28]
regdb_unpack_values: value[5]: name[ImagePath] len[54]
regdb_unpack_values: value[6]: name[Description] len[106]
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
name: struct winreg_String
name_len : 0x000a (10)
name_size : 0x000a (10)
name : *
name : 'Type'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Type]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
name: struct winreg_String
name_len : 0x001a (26)
name_size : 0x001a (26)
name : *
name : 'ErrorControl'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x01 (1)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ErrorControl]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
name: struct winreg_String
name_len : 0x0016 (22)
name_size : 0x0016 (22)
name : *
name : 'ObjectName'
type : REG_SZ (1)
data : *
data: ARRAY(24)
[0] : 0x4c (76)
[1] : 0x00 (0)
[2] : 0x6f (111)
[3] : 0x00 (0)
[4] : 0x63 (99)
[5] : 0x00 (0)
[6] : 0x61 (97)
[7] : 0x00 (0)
[8] : 0x6c (108)
[9] : 0x00 (0)
[10] : 0x53 (83)
[11] : 0x00 (0)
[12] : 0x79 (121)
[13] : 0x00 (0)
[14] : 0x73 (115)
[15] : 0x00 (0)
[16] : 0x74 (116)
[17] : 0x00 (0)
[18] : 0x65 (101)
[19] : 0x00 (0)
[20] : 0x6d (109)
[21] : 0x00 (0)
[22] : 0x00 (0)
[23] : 0x00 (0)
size : 0x00000018 (24)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ObjectName]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
name: struct winreg_String
name_len : 0x0018 (24)
name_size : 0x0018 (24)
name : *
name : 'DisplayName'
type : REG_SZ (1)
data : *
data: ARRAY(28)
[0] : 0x50 (80)
[1] : 0x00 (0)
[2] : 0x72 (114)
[3] : 0x00 (0)
[4] : 0x69 (105)
[5] : 0x00 (0)
[6] : 0x6e (110)
[7] : 0x00 (0)
[8] : 0x74 (116)
[9] : 0x00 (0)
[10] : 0x20 (32)
[11] : 0x00 (0)
[12] : 0x53 (83)
[13] : 0x00 (0)
[14] : 0x70 (112)
[15] : 0x00 (0)
[16] : 0x6f (111)
[17] : 0x00 (0)
[18] : 0x6f (111)
[19] : 0x00 (0)
[20] : 0x6c (108)
[21] : 0x00 (0)
[22] : 0x65 (101)
[23] : 0x00 (0)
[24] : 0x72 (114)
[25] : 0x00 (0)
[26] : 0x00 (0)
[27] : 0x00 (0)
size : 0x0000001c (28)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:DisplayName]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
name: struct winreg_String
name_len : 0x0014 (20)
name_size : 0x0014 (20)
name : *
name : 'ImagePath'
type : REG_SZ (1)
data : *
data: ARRAY(54)
[0] : 0x2f (47)
[1] : 0x00 (0)
[2] : 0x75 (117)
[3] : 0x00 (0)
[4] : 0x73 (115)
[5] : 0x00 (0)
[6] : 0x72 (114)
[7] : 0x00 (0)
[8] : 0x2f (47)
[9] : 0x00 (0)
[10] : 0x6c (108)
[11] : 0x00 (0)
[12] : 0x69 (105)
[13] : 0x00 (0)
[14] : 0x62 (98)
[15] : 0x00 (0)
[16] : 0x2f (47)
[17] : 0x00 (0)
[18] : 0x73 (115)
[19] : 0x00 (0)
[20] : 0x61 (97)
[21] : 0x00 (0)
[22] : 0x6d (109)
[23] : 0x00 (0)
[24] : 0x62 (98)
[25] : 0x00 (0)
[26] : 0x61 (97)
[27] : 0x00 (0)
[28] : 0x2f (47)
[29] : 0x00 (0)
[30] : 0x73 (115)
[31] : 0x00 (0)
[32] : 0x76 (118)
[33] : 0x00 (0)
[34] : 0x63 (99)
[35] : 0x00 (0)
[36] : 0x63 (99)
[37] : 0x00 (0)
[38] : 0x74 (116)
[39] : 0x00 (0)
[40] : 0x6c (108)
[41] : 0x00 (0)
[42] : 0x2f (47)
[43] : 0x00 (0)
[44] : 0x73 (115)
[45] : 0x00 (0)
[46] : 0x6d (109)
[47] : 0x00 (0)
[48] : 0x62 (98)
[49] : 0x00 (0)
[50] : 0x64 (100)
[51] : 0x00 (0)
[52] : 0x00 (0)
[53] : 0x00 (0)
size : 0x00000036 (54)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ImagePath]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
name: struct winreg_String
name_len : 0x0018 (24)
name_size : 0x0018 (24)
name : *
name : 'Description'
type : REG_SZ (1)
data : *
data: ARRAY(106)
[0] : 0x49 (73)
[1] : 0x00 (0)
[2] : 0x6e (110)
[3] : 0x00 (0)
[4] : 0x74 (116)
[5] : 0x00 (0)
[6] : 0x65 (101)
[7] : 0x00 (0)
[8] : 0x72 (114)
[9] : 0x00 (0)
[10] : 0x6e (110)
[11] : 0x00 (0)
[12] : 0x61 (97)
[13] : 0x00 (0)
[14] : 0x6c (108)
[15] : 0x00 (0)
[16] : 0x20 (32)
[17] : 0x00 (0)
[18] : 0x73 (115)
[19] : 0x00 (0)
[20] : 0x65 (101)
[21] : 0x00 (0)
[22] : 0x72 (114)
[23] : 0x00 (0)
[24] : 0x76 (118)
[25] : 0x00 (0)
[26] : 0x69 (105)
[27] : 0x00 (0)
[28] : 0x63 (99)
[29] : 0x00 (0)
[30] : 0x65 (101)
[31] : 0x00 (0)
[32] : 0x20 (32)
[33] : 0x00 (0)
[34] : 0x66 (102)
[35] : 0x00 (0)
[36] : 0x6f (111)
[37] : 0x00 (0)
[38] : 0x72 (114)
[39] : 0x00 (0)
[40] : 0x20 (32)
[41] : 0x00 (0)
[42] : 0x73 (115)
[43] : 0x00 (0)
[44] : 0x70 (112)
[45] : 0x00 (0)
[46] : 0x6f (111)
[47] : 0x00 (0)
[48] : 0x6f (111)
[49] : 0x00 (0)
[50] : 0x6c (108)
[51] : 0x00 (0)
[52] : 0x69 (105)
[53] : 0x00 (0)
[54] : 0x6e (110)
[55] : 0x00 (0)
[56] : 0x67 (103)
[57] : 0x00 (0)
[58] : 0x20 (32)
[59] : 0x00 (0)
[60] : 0x66 (102)
[61] : 0x00 (0)
[62] : 0x69 (105)
[63] : 0x00 (0)
[64] : 0x6c (108)
[65] : 0x00 (0)
[66] : 0x65 (101)
[67] : 0x00 (0)
[68] : 0x73 (115)
[69] : 0x00 (0)
[70] : 0x20 (32)
[71] : 0x00 (0)
[72] : 0x74 (116)
[73] : 0x00 (0)
[74] : 0x6f (111)
[75] : 0x00 (0)
[76] : 0x20 (32)
[77] : 0x00 (0)
[78] : 0x70 (112)
[79] : 0x00 (0)
[80] : 0x72 (114)
[81] : 0x00 (0)
[82] : 0x69 (105)
[83] : 0x00 (0)
[84] : 0x6e (110)
[85] : 0x00 (0)
[86] : 0x74 (116)
[87] : 0x00 (0)
[88] : 0x20 (32)
[89] : 0x00 (0)
[90] : 0x64 (100)
[91] : 0x00 (0)
[92] : 0x65 (101)
[93] : 0x00 (0)
[94] : 0x76 (118)
[95] : 0x00 (0)
[96] : 0x69 (105)
[97] : 0x00 (0)
[98] : 0x63 (99)
[99] : 0x00 (0)
[100] : 0x65 (101)
[101] : 0x00 (0)
[102] : 0x73 (115)
[103] : 0x00 (0)
[104] : 0x00 (0)
[105] : 0x00 (0)
size : 0x0000006a (106)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Description]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
regdb_close: decrementing refcount (4->3)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
winreg_CreateKey: struct winreg_CreateKey
in: struct winreg_CreateKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
name: struct winreg_String
name_len : 0x0066 (102)
name_size : 0x0066 (102)
name : *
name : 'SYSTEM\CurrentControlSet\Services\Spooler\Security'
keyclass: struct winreg_String
name_len : 0x0002 (2)
name_size : 0x0002 (2)
name : *
name : ''
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
secdesc : NULL
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
_winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler\Security'
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [Spooler]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
regdb_close: decrementing refcount (5->4)
regkey_open_onelevel: name = [Security]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security]
regdb_close: decrementing refcount (5->4)
winreg_CreateKey: struct winreg_CreateKey
out: struct winreg_CreateKey
new_handle : *
new_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : cd1bd01f-3454-49c8-bf27-69e46e266449
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : cd1bd01f-3454-49c8-bf27-69e46e266449
name: struct winreg_String
name_len : 0x0012 (18)
name_size : 0x0012 (18)
name : *
name : 'Security'
type : REG_BINARY (3)
data : *
data: ARRAY(120)
[0] : 0x01 (1)
[1] : 0x00 (0)
[2] : 0x04 (4)
[3] : 0x80 (128)
[4] : 0x00 (0)
[5] : 0x00 (0)
[6] : 0x00 (0)
[7] : 0x00 (0)
[8] : 0x00 (0)
[9] : 0x00 (0)
[10] : 0x00 (0)
[11] : 0x00 (0)
[12] : 0x00 (0)
[13] : 0x00 (0)
[14] : 0x00 (0)
[15] : 0x00 (0)
[16] : 0x14 (20)
[17] : 0x00 (0)
[18] : 0x00 (0)
[19] : 0x00 (0)
[20] : 0x02 (2)
[21] : 0x00 (0)
[22] : 0x64 (100)
[23] : 0x00 (0)
[24] : 0x04 (4)
[25] : 0x00 (0)
[26] : 0x00 (0)
[27] : 0x00 (0)
[28] : 0x00 (0)
[29] : 0x00 (0)
[30] : 0x14 (20)
[31] : 0x00 (0)
[32] : 0x8d (141)
[33] : 0x01 (1)
[34] : 0x02 (2)
[35] : 0x00 (0)
[36] : 0x01 (1)
[37] : 0x01 (1)
[38] : 0x00 (0)
[39] : 0x00 (0)
[40] : 0x00 (0)
[41] : 0x00 (0)
[42] : 0x00 (0)
[43] : 0x01 (1)
[44] : 0x00 (0)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
[48] : 0x00 (0)
[49] : 0x00 (0)
[50] : 0x18 (24)
[51] : 0x00 (0)
[52] : 0xfd (253)
[53] : 0x01 (1)
[54] : 0x02 (2)
[55] : 0x00 (0)
[56] : 0x01 (1)
[57] : 0x02 (2)
[58] : 0x00 (0)
[59] : 0x00 (0)
[60] : 0x00 (0)
[61] : 0x00 (0)
[62] : 0x00 (0)
[63] : 0x05 (5)
[64] : 0x20 (32)
[65] : 0x00 (0)
[66] : 0x00 (0)
[67] : 0x00 (0)
[68] : 0x23 (35)
[69] : 0x02 (2)
[70] : 0x00 (0)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
[74] : 0x18 (24)
[75] : 0x00 (0)
[76] : 0xff (255)
[77] : 0x01 (1)
[78] : 0x0f (15)
[79] : 0x00 (0)
[80] : 0x01 (1)
[81] : 0x02 (2)
[82] : 0x00 (0)
[83] : 0x00 (0)
[84] : 0x00 (0)
[85] : 0x00 (0)
[86] : 0x00 (0)
[87] : 0x05 (5)
[88] : 0x20 (32)
[89] : 0x00 (0)
[90] : 0x00 (0)
[91] : 0x00 (0)
[92] : 0x25 (37)
[93] : 0x02 (2)
[94] : 0x00 (0)
[95] : 0x00 (0)
[96] : 0x00 (0)
[97] : 0x00 (0)
[98] : 0x18 (24)
[99] : 0x00 (0)
[100] : 0xff (255)
[101] : 0x01 (1)
[102] : 0x0f (15)
[103] : 0x00 (0)
[104] : 0x01 (1)
[105] : 0x02 (2)
[106] : 0x00 (0)
[107] : 0x00 (0)
[108] : 0x00 (0)
[109] : 0x00 (0)
[110] : 0x00 (0)
[111] : 0x05 (5)
[112] : 0x20 (32)
[113] : 0x00 (0)
[114] : 0x00 (0)
[115] : 0x00 (0)
[116] : 0x20 (32)
[117] : 0x02 (2)
[118] : 0x00 (0)
[119] : 0x00 (0)
size : 0x00000078 (120)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security:Security]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security]
regdb_unpack_values: value[0]: name[Security] len[120]
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : cd1bd01f-3454-49c8-bf27-69e46e266449
regdb_close: decrementing refcount (4->3)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
winreg_CreateKey: struct winreg_CreateKey
in: struct winreg_CreateKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
name: struct winreg_String
name_len : 0x0056 (86)
name_size : 0x0056 (86)
name : *
name : 'SYSTEM\CurrentControlSet\Services\NETLOGON'
keyclass: struct winreg_String
name_len : 0x0002 (2)
name_size : 0x0002 (2)
name : *
name : ''
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
secdesc : NULL
action_taken : *
action_taken : REG_ACTION_NONE (0)
_winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON'
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regdb_close: decrementing refcount (5->4)
regkey_open_onelevel: name = [NETLOGON]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
regdb_close: decrementing refcount (5->4)
winreg_CreateKey: struct winreg_CreateKey
out: struct winreg_CreateKey
new_handle : *
new_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
name: struct winreg_String
name_len : 0x000c (12)
name_size : 0x000c (12)
name : *
name : 'Start'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x02 (2)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Start]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
regdb_unpack_values: value[0]: name[Start] len[4]
regdb_unpack_values: value[1]: name[Type] len[4]
regdb_unpack_values: value[2]: name[ErrorControl] len[4]
regdb_unpack_values: value[3]: name[ObjectName] len[24]
regdb_unpack_values: value[4]: name[DisplayName] len[20]
regdb_unpack_values: value[5]: name[ImagePath] len[54]
regdb_unpack_values: value[6]: name[Description] len[164]
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
name: struct winreg_String
name_len : 0x000a (10)
name_size : 0x000a (10)
name : *
name : 'Type'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Type]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
name: struct winreg_String
name_len : 0x001a (26)
name_size : 0x001a (26)
name : *
name : 'ErrorControl'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x01 (1)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ErrorControl]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
name: struct winreg_String
name_len : 0x0016 (22)
name_size : 0x0016 (22)
name : *
name : 'ObjectName'
type : REG_SZ (1)
data : *
data: ARRAY(24)
[0] : 0x4c (76)
[1] : 0x00 (0)
[2] : 0x6f (111)
[3] : 0x00 (0)
[4] : 0x63 (99)
[5] : 0x00 (0)
[6] : 0x61 (97)
[7] : 0x00 (0)
[8] : 0x6c (108)
[9] : 0x00 (0)
[10] : 0x53 (83)
[11] : 0x00 (0)
[12] : 0x79 (121)
[13] : 0x00 (0)
[14] : 0x73 (115)
[15] : 0x00 (0)
[16] : 0x74 (116)
[17] : 0x00 (0)
[18] : 0x65 (101)
[19] : 0x00 (0)
[20] : 0x6d (109)
[21] : 0x00 (0)
[22] : 0x00 (0)
[23] : 0x00 (0)
size : 0x00000018 (24)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ObjectName]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
name: struct winreg_String
name_len : 0x0018 (24)
name_size : 0x0018 (24)
name : *
name : 'DisplayName'
type : REG_SZ (1)
data : *
data: ARRAY(20)
[0] : 0x4e (78)
[1] : 0x00 (0)
[2] : 0x65 (101)
[3] : 0x00 (0)
[4] : 0x74 (116)
[5] : 0x00 (0)
[6] : 0x20 (32)
[7] : 0x00 (0)
[8] : 0x4c (76)
[9] : 0x00 (0)
[10] : 0x6f (111)
[11] : 0x00 (0)
[12] : 0x67 (103)
[13] : 0x00 (0)
[14] : 0x6f (111)
[15] : 0x00 (0)
[16] : 0x6e (110)
[17] : 0x00 (0)
[18] : 0x00 (0)
[19] : 0x00 (0)
size : 0x00000014 (20)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:DisplayName]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
name: struct winreg_String
name_len : 0x0014 (20)
name_size : 0x0014 (20)
name : *
name : 'ImagePath'
type : REG_SZ (1)
data : *
data: ARRAY(54)
[0] : 0x2f (47)
[1] : 0x00 (0)
[2] : 0x75 (117)
[3] : 0x00 (0)
[4] : 0x73 (115)
[5] : 0x00 (0)
[6] : 0x72 (114)
[7] : 0x00 (0)
[8] : 0x2f (47)
[9] : 0x00 (0)
[10] : 0x6c (108)
[11] : 0x00 (0)
[12] : 0x69 (105)
[13] : 0x00 (0)
[14] : 0x62 (98)
[15] : 0x00 (0)
[16] : 0x2f (47)
[17] : 0x00 (0)
[18] : 0x73 (115)
[19] : 0x00 (0)
[20] : 0x61 (97)
[21] : 0x00 (0)
[22] : 0x6d (109)
[23] : 0x00 (0)
[24] : 0x62 (98)
[25] : 0x00 (0)
[26] : 0x61 (97)
[27] : 0x00 (0)
[28] : 0x2f (47)
[29] : 0x00 (0)
[30] : 0x73 (115)
[31] : 0x00 (0)
[32] : 0x76 (118)
[33] : 0x00 (0)
[34] : 0x63 (99)
[35] : 0x00 (0)
[36] : 0x63 (99)
[37] : 0x00 (0)
[38] : 0x74 (116)
[39] : 0x00 (0)
[40] : 0x6c (108)
[41] : 0x00 (0)
[42] : 0x2f (47)
[43] : 0x00 (0)
[44] : 0x73 (115)
[45] : 0x00 (0)
[46] : 0x6d (109)
[47] : 0x00 (0)
[48] : 0x62 (98)
[49] : 0x00 (0)
[50] : 0x64 (100)
[51] : 0x00 (0)
[52] : 0x00 (0)
[53] : 0x00 (0)
size : 0x00000036 (54)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ImagePath]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
name: struct winreg_String
name_len : 0x0018 (24)
name_size : 0x0018 (24)
name : *
name : 'Description'
type : REG_SZ (1)
data : *
data: ARRAY(164)
[0] : 0x46 (70)
[1] : 0x00 (0)
[2] : 0x69 (105)
[3] : 0x00 (0)
[4] : 0x6c (108)
[5] : 0x00 (0)
[6] : 0x65 (101)
[7] : 0x00 (0)
[8] : 0x20 (32)
[9] : 0x00 (0)
[10] : 0x73 (115)
[11] : 0x00 (0)
[12] : 0x65 (101)
[13] : 0x00 (0)
[14] : 0x72 (114)
[15] : 0x00 (0)
[16] : 0x76 (118)
[17] : 0x00 (0)
[18] : 0x69 (105)
[19] : 0x00 (0)
[20] : 0x63 (99)
[21] : 0x00 (0)
[22] : 0x65 (101)
[23] : 0x00 (0)
[24] : 0x20 (32)
[25] : 0x00 (0)
[26] : 0x70 (112)
[27] : 0x00 (0)
[28] : 0x72 (114)
[29] : 0x00 (0)
[30] : 0x6f (111)
[31] : 0x00 (0)
[32] : 0x76 (118)
[33] : 0x00 (0)
[34] : 0x69 (105)
[35] : 0x00 (0)
[36] : 0x64 (100)
[37] : 0x00 (0)
[38] : 0x69 (105)
[39] : 0x00 (0)
[40] : 0x6e (110)
[41] : 0x00 (0)
[42] : 0x67 (103)
[43] : 0x00 (0)
[44] : 0x20 (32)
[45] : 0x00 (0)
[46] : 0x61 (97)
[47] : 0x00 (0)
[48] : 0x63 (99)
[49] : 0x00 (0)
[50] : 0x63 (99)
[51] : 0x00 (0)
[52] : 0x65 (101)
[53] : 0x00 (0)
[54] : 0x73 (115)
[55] : 0x00 (0)
[56] : 0x73 (115)
[57] : 0x00 (0)
[58] : 0x20 (32)
[59] : 0x00 (0)
[60] : 0x74 (116)
[61] : 0x00 (0)
[62] : 0x6f (111)
[63] : 0x00 (0)
[64] : 0x20 (32)
[65] : 0x00 (0)
[66] : 0x70 (112)
[67] : 0x00 (0)
[68] : 0x6f (111)
[69] : 0x00 (0)
[70] : 0x6c (108)
[71] : 0x00 (0)
[72] : 0x69 (105)
[73] : 0x00 (0)
[74] : 0x63 (99)
[75] : 0x00 (0)
[76] : 0x79 (121)
[77] : 0x00 (0)
[78] : 0x20 (32)
[79] : 0x00 (0)
[80] : 0x61 (97)
[81] : 0x00 (0)
[82] : 0x6e (110)
[83] : 0x00 (0)
[84] : 0x64 (100)
[85] : 0x00 (0)
[86] : 0x20 (32)
[87] : 0x00 (0)
[88] : 0x70 (112)
[89] : 0x00 (0)
[90] : 0x72 (114)
[91] : 0x00 (0)
[92] : 0x6f (111)
[93] : 0x00 (0)
[94] : 0x66 (102)
[95] : 0x00 (0)
[96] : 0x69 (105)
[97] : 0x00 (0)
[98] : 0x6c (108)
[99] : 0x00 (0)
[100] : 0x65 (101)
[101] : 0x00 (0)
[102] : 0x20 (32)
[103] : 0x00 (0)
[104] : 0x64 (100)
[105] : 0x00 (0)
[106] : 0x61 (97)
[107] : 0x00 (0)
[108] : 0x74 (116)
[109] : 0x00 (0)
[110] : 0x61 (97)
[111] : 0x00 (0)
[112] : 0x20 (32)
[113] : 0x00 (0)
[114] : 0x28 (40)
[115] : 0x00 (0)
[116] : 0x6e (110)
[117] : 0x00 (0)
[118] : 0x6f (111)
[119] : 0x00 (0)
[120] : 0x74 (116)
[121] : 0x00 (0)
[122] : 0x72 (114)
[123] : 0x00 (0)
[124] : 0x65 (101)
[125] : 0x00 (0)
[126] : 0x6d (109)
[127] : 0x00 (0)
[128] : 0x6f (111)
[129] : 0x00 (0)
[130] : 0x74 (116)
[131] : 0x00 (0)
[132] : 0x65 (101)
[133] : 0x00 (0)
[134] : 0x6c (108)
[135] : 0x00 (0)
[136] : 0x79 (121)
[137] : 0x00 (0)
[138] : 0x20 (32)
[139] : 0x00 (0)
[140] : 0x6d (109)
[141] : 0x00 (0)
[142] : 0x61 (97)
[143] : 0x00 (0)
[144] : 0x6e (110)
[145] : 0x00 (0)
[146] : 0x61 (97)
[147] : 0x00 (0)
[148] : 0x67 (103)
[149] : 0x00 (0)
[150] : 0x65 (101)
[151] : 0x00 (0)
[152] : 0x61 (97)
[153] : 0x00 (0)
[154] : 0x62 (98)
[155] : 0x00 (0)
[156] : 0x6c (108)
[157] : 0x00 (0)
[158] : 0x65 (101)
[159] : 0x00 (0)
[160] : 0x29 (41)
[161] : 0x00 (0)
[162] : 0x00 (0)
[163] : 0x00 (0)
size : 0x000000a4 (164)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Description]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
regdb_close: decrementing refcount (4->3)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
winreg_CreateKey: struct winreg_CreateKey
in: struct winreg_CreateKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
name: struct winreg_String
name_len : 0x0068 (104)
name_size : 0x0068 (104)
name : *
name : 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security'
keyclass: struct winreg_String
name_len : 0x0002 (2)
name_size : 0x0002 (2)
name : *
name : ''
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
secdesc : NULL
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
_winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security'
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [NETLOGON]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
regdb_close: decrementing refcount (5->4)
regkey_open_onelevel: name = [Security]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security]
regdb_close: decrementing refcount (5->4)
winreg_CreateKey: struct winreg_CreateKey
out: struct winreg_CreateKey
new_handle : *
new_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : a0d187d6-bc57-4da8-8167-d52623ab4a1c
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : a0d187d6-bc57-4da8-8167-d52623ab4a1c
name: struct winreg_String
name_len : 0x0012 (18)
name_size : 0x0012 (18)
name : *
name : 'Security'
type : REG_BINARY (3)
data : *
data: ARRAY(120)
[0] : 0x01 (1)
[1] : 0x00 (0)
[2] : 0x04 (4)
[3] : 0x80 (128)
[4] : 0x00 (0)
[5] : 0x00 (0)
[6] : 0x00 (0)
[7] : 0x00 (0)
[8] : 0x00 (0)
[9] : 0x00 (0)
[10] : 0x00 (0)
[11] : 0x00 (0)
[12] : 0x00 (0)
[13] : 0x00 (0)
[14] : 0x00 (0)
[15] : 0x00 (0)
[16] : 0x14 (20)
[17] : 0x00 (0)
[18] : 0x00 (0)
[19] : 0x00 (0)
[20] : 0x02 (2)
[21] : 0x00 (0)
[22] : 0x64 (100)
[23] : 0x00 (0)
[24] : 0x04 (4)
[25] : 0x00 (0)
[26] : 0x00 (0)
[27] : 0x00 (0)
[28] : 0x00 (0)
[29] : 0x00 (0)
[30] : 0x14 (20)
[31] : 0x00 (0)
[32] : 0x8d (141)
[33] : 0x01 (1)
[34] : 0x02 (2)
[35] : 0x00 (0)
[36] : 0x01 (1)
[37] : 0x01 (1)
[38] : 0x00 (0)
[39] : 0x00 (0)
[40] : 0x00 (0)
[41] : 0x00 (0)
[42] : 0x00 (0)
[43] : 0x01 (1)
[44] : 0x00 (0)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
[48] : 0x00 (0)
[49] : 0x00 (0)
[50] : 0x18 (24)
[51] : 0x00 (0)
[52] : 0xfd (253)
[53] : 0x01 (1)
[54] : 0x02 (2)
[55] : 0x00 (0)
[56] : 0x01 (1)
[57] : 0x02 (2)
[58] : 0x00 (0)
[59] : 0x00 (0)
[60] : 0x00 (0)
[61] : 0x00 (0)
[62] : 0x00 (0)
[63] : 0x05 (5)
[64] : 0x20 (32)
[65] : 0x00 (0)
[66] : 0x00 (0)
[67] : 0x00 (0)
[68] : 0x23 (35)
[69] : 0x02 (2)
[70] : 0x00 (0)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
[74] : 0x18 (24)
[75] : 0x00 (0)
[76] : 0xff (255)
[77] : 0x01 (1)
[78] : 0x0f (15)
[79] : 0x00 (0)
[80] : 0x01 (1)
[81] : 0x02 (2)
[82] : 0x00 (0)
[83] : 0x00 (0)
[84] : 0x00 (0)
[85] : 0x00 (0)
[86] : 0x00 (0)
[87] : 0x05 (5)
[88] : 0x20 (32)
[89] : 0x00 (0)
[90] : 0x00 (0)
[91] : 0x00 (0)
[92] : 0x25 (37)
[93] : 0x02 (2)
[94] : 0x00 (0)
[95] : 0x00 (0)
[96] : 0x00 (0)
[97] : 0x00 (0)
[98] : 0x18 (24)
[99] : 0x00 (0)
[100] : 0xff (255)
[101] : 0x01 (1)
[102] : 0x0f (15)
[103] : 0x00 (0)
[104] : 0x01 (1)
[105] : 0x02 (2)
[106] : 0x00 (0)
[107] : 0x00 (0)
[108] : 0x00 (0)
[109] : 0x00 (0)
[110] : 0x00 (0)
[111] : 0x05 (5)
[112] : 0x20 (32)
[113] : 0x00 (0)
[114] : 0x00 (0)
[115] : 0x00 (0)
[116] : 0x20 (32)
[117] : 0x02 (2)
[118] : 0x00 (0)
[119] : 0x00 (0)
size : 0x00000078 (120)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security:Security]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security]
regdb_unpack_values: value[0]: name[Security] len[120]
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : a0d187d6-bc57-4da8-8167-d52623ab4a1c
regdb_close: decrementing refcount (4->3)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
winreg_CreateKey: struct winreg_CreateKey
in: struct winreg_CreateKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
name: struct winreg_String
name_len : 0x0062 (98)
name_size : 0x0062 (98)
name : *
name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry'
keyclass: struct winreg_String
name_len : 0x0002 (2)
name_size : 0x0002 (2)
name : *
name : ''
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
secdesc : NULL
action_taken : *
action_taken : REG_ACTION_NONE (0)
_winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry'
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regdb_close: decrementing refcount (5->4)
regkey_open_onelevel: name = [RemoteRegistry]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
regdb_close: decrementing refcount (5->4)
winreg_CreateKey: struct winreg_CreateKey
out: struct winreg_CreateKey
new_handle : *
new_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
name: struct winreg_String
name_len : 0x000c (12)
name_size : 0x000c (12)
name : *
name : 'Start'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x02 (2)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Start]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
regdb_unpack_values: value[0]: name[Start] len[4]
regdb_unpack_values: value[1]: name[Type] len[4]
regdb_unpack_values: value[2]: name[ErrorControl] len[4]
regdb_unpack_values: value[3]: name[ObjectName] len[24]
regdb_unpack_values: value[4]: name[DisplayName] len[48]
regdb_unpack_values: value[5]: name[ImagePath] len[54]
regdb_unpack_values: value[6]: name[Description] len[126]
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
name: struct winreg_String
name_len : 0x000a (10)
name_size : 0x000a (10)
name : *
name : 'Type'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Type]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
name: struct winreg_String
name_len : 0x001a (26)
name_size : 0x001a (26)
name : *
name : 'ErrorControl'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x01 (1)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ErrorControl]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
name: struct winreg_String
name_len : 0x0016 (22)
name_size : 0x0016 (22)
name : *
name : 'ObjectName'
type : REG_SZ (1)
data : *
data: ARRAY(24)
[0] : 0x4c (76)
[1] : 0x00 (0)
[2] : 0x6f (111)
[3] : 0x00 (0)
[4] : 0x63 (99)
[5] : 0x00 (0)
[6] : 0x61 (97)
[7] : 0x00 (0)
[8] : 0x6c (108)
[9] : 0x00 (0)
[10] : 0x53 (83)
[11] : 0x00 (0)
[12] : 0x79 (121)
[13] : 0x00 (0)
[14] : 0x73 (115)
[15] : 0x00 (0)
[16] : 0x74 (116)
[17] : 0x00 (0)
[18] : 0x65 (101)
[19] : 0x00 (0)
[20] : 0x6d (109)
[21] : 0x00 (0)
[22] : 0x00 (0)
[23] : 0x00 (0)
size : 0x00000018 (24)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ObjectName]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
name: struct winreg_String
name_len : 0x0018 (24)
name_size : 0x0018 (24)
name : *
name : 'DisplayName'
type : REG_SZ (1)
data : *
data: ARRAY(48)
[0] : 0x52 (82)
[1] : 0x00 (0)
[2] : 0x65 (101)
[3] : 0x00 (0)
[4] : 0x6d (109)
[5] : 0x00 (0)
[6] : 0x6f (111)
[7] : 0x00 (0)
[8] : 0x74 (116)
[9] : 0x00 (0)
[10] : 0x65 (101)
[11] : 0x00 (0)
[12] : 0x20 (32)
[13] : 0x00 (0)
[14] : 0x52 (82)
[15] : 0x00 (0)
[16] : 0x65 (101)
[17] : 0x00 (0)
[18] : 0x67 (103)
[19] : 0x00 (0)
[20] : 0x69 (105)
[21] : 0x00 (0)
[22] : 0x73 (115)
[23] : 0x00 (0)
[24] : 0x74 (116)
[25] : 0x00 (0)
[26] : 0x72 (114)
[27] : 0x00 (0)
[28] : 0x79 (121)
[29] : 0x00 (0)
[30] : 0x20 (32)
[31] : 0x00 (0)
[32] : 0x53 (83)
[33] : 0x00 (0)
[34] : 0x65 (101)
[35] : 0x00 (0)
[36] : 0x72 (114)
[37] : 0x00 (0)
[38] : 0x76 (118)
[39] : 0x00 (0)
[40] : 0x69 (105)
[41] : 0x00 (0)
[42] : 0x63 (99)
[43] : 0x00 (0)
[44] : 0x65 (101)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
size : 0x00000030 (48)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:DisplayName]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
name: struct winreg_String
name_len : 0x0014 (20)
name_size : 0x0014 (20)
name : *
name : 'ImagePath'
type : REG_SZ (1)
data : *
data: ARRAY(54)
[0] : 0x2f (47)
[1] : 0x00 (0)
[2] : 0x75 (117)
[3] : 0x00 (0)
[4] : 0x73 (115)
[5] : 0x00 (0)
[6] : 0x72 (114)
[7] : 0x00 (0)
[8] : 0x2f (47)
[9] : 0x00 (0)
[10] : 0x6c (108)
[11] : 0x00 (0)
[12] : 0x69 (105)
[13] : 0x00 (0)
[14] : 0x62 (98)
[15] : 0x00 (0)
[16] : 0x2f (47)
[17] : 0x00 (0)
[18] : 0x73 (115)
[19] : 0x00 (0)
[20] : 0x61 (97)
[21] : 0x00 (0)
[22] : 0x6d (109)
[23] : 0x00 (0)
[24] : 0x62 (98)
[25] : 0x00 (0)
[26] : 0x61 (97)
[27] : 0x00 (0)
[28] : 0x2f (47)
[29] : 0x00 (0)
[30] : 0x73 (115)
[31] : 0x00 (0)
[32] : 0x76 (118)
[33] : 0x00 (0)
[34] : 0x63 (99)
[35] : 0x00 (0)
[36] : 0x63 (99)
[37] : 0x00 (0)
[38] : 0x74 (116)
[39] : 0x00 (0)
[40] : 0x6c (108)
[41] : 0x00 (0)
[42] : 0x2f (47)
[43] : 0x00 (0)
[44] : 0x73 (115)
[45] : 0x00 (0)
[46] : 0x6d (109)
[47] : 0x00 (0)
[48] : 0x62 (98)
[49] : 0x00 (0)
[50] : 0x64 (100)
[51] : 0x00 (0)
[52] : 0x00 (0)
[53] : 0x00 (0)
size : 0x00000036 (54)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ImagePath]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
name: struct winreg_String
name_len : 0x0018 (24)
name_size : 0x0018 (24)
name : *
name : 'Description'
type : REG_SZ (1)
data : *
data: ARRAY(126)
[0] : 0x49 (73)
[1] : 0x00 (0)
[2] : 0x6e (110)
[3] : 0x00 (0)
[4] : 0x74 (116)
[5] : 0x00 (0)
[6] : 0x65 (101)
[7] : 0x00 (0)
[8] : 0x72 (114)
[9] : 0x00 (0)
[10] : 0x6e (110)
[11] : 0x00 (0)
[12] : 0x61 (97)
[13] : 0x00 (0)
[14] : 0x6c (108)
[15] : 0x00 (0)
[16] : 0x20 (32)
[17] : 0x00 (0)
[18] : 0x73 (115)
[19] : 0x00 (0)
[20] : 0x65 (101)
[21] : 0x00 (0)
[22] : 0x72 (114)
[23] : 0x00 (0)
[24] : 0x76 (118)
[25] : 0x00 (0)
[26] : 0x69 (105)
[27] : 0x00 (0)
[28] : 0x63 (99)
[29] : 0x00 (0)
[30] : 0x65 (101)
[31] : 0x00 (0)
[32] : 0x20 (32)
[33] : 0x00 (0)
[34] : 0x70 (112)
[35] : 0x00 (0)
[36] : 0x72 (114)
[37] : 0x00 (0)
[38] : 0x6f (111)
[39] : 0x00 (0)
[40] : 0x76 (118)
[41] : 0x00 (0)
[42] : 0x69 (105)
[43] : 0x00 (0)
[44] : 0x64 (100)
[45] : 0x00 (0)
[46] : 0x69 (105)
[47] : 0x00 (0)
[48] : 0x6e (110)
[49] : 0x00 (0)
[50] : 0x67 (103)
[51] : 0x00 (0)
[52] : 0x20 (32)
[53] : 0x00 (0)
[54] : 0x72 (114)
[55] : 0x00 (0)
[56] : 0x65 (101)
[57] : 0x00 (0)
[58] : 0x6d (109)
[59] : 0x00 (0)
[60] : 0x6f (111)
[61] : 0x00 (0)
[62] : 0x74 (116)
[63] : 0x00 (0)
[64] : 0x65 (101)
[65] : 0x00 (0)
[66] : 0x20 (32)
[67] : 0x00 (0)
[68] : 0x61 (97)
[69] : 0x00 (0)
[70] : 0x63 (99)
[71] : 0x00 (0)
[72] : 0x63 (99)
[73] : 0x00 (0)
[74] : 0x65 (101)
[75] : 0x00 (0)
[76] : 0x73 (115)
[77] : 0x00 (0)
[78] : 0x73 (115)
[79] : 0x00 (0)
[80] : 0x20 (32)
[81] : 0x00 (0)
[82] : 0x74 (116)
[83] : 0x00 (0)
[84] : 0x6f (111)
[85] : 0x00 (0)
[86] : 0x20 (32)
[87] : 0x00 (0)
[88] : 0x74 (116)
[89] : 0x00 (0)
[90] : 0x68 (104)
[91] : 0x00 (0)
[92] : 0x65 (101)
[93] : 0x00 (0)
[94] : 0x20 (32)
[95] : 0x00 (0)
[96] : 0x53 (83)
[97] : 0x00 (0)
[98] : 0x61 (97)
[99] : 0x00 (0)
[100] : 0x6d (109)
[101] : 0x00 (0)
[102] : 0x62 (98)
[103] : 0x00 (0)
[104] : 0x61 (97)
[105] : 0x00 (0)
[106] : 0x20 (32)
[107] : 0x00 (0)
[108] : 0x72 (114)
[109] : 0x00 (0)
[110] : 0x65 (101)
[111] : 0x00 (0)
[112] : 0x67 (103)
[113] : 0x00 (0)
[114] : 0x69 (105)
[115] : 0x00 (0)
[116] : 0x73 (115)
[117] : 0x00 (0)
[118] : 0x74 (116)
[119] : 0x00 (0)
[120] : 0x72 (114)
[121] : 0x00 (0)
[122] : 0x79 (121)
[123] : 0x00 (0)
[124] : 0x00 (0)
[125] : 0x00 (0)
size : 0x0000007e (126)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Description]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
regdb_close: decrementing refcount (4->3)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
winreg_CreateKey: struct winreg_CreateKey
in: struct winreg_CreateKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
name: struct winreg_String
name_len : 0x0074 (116)
name_size : 0x0074 (116)
name : *
name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security'
keyclass: struct winreg_String
name_len : 0x0002 (2)
name_size : 0x0002 (2)
name : *
name : ''
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
secdesc : NULL
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
_winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security'
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [RemoteRegistry]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
regdb_close: decrementing refcount (5->4)
regkey_open_onelevel: name = [Security]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
regdb_close: decrementing refcount (5->4)
winreg_CreateKey: struct winreg_CreateKey
out: struct winreg_CreateKey
new_handle : *
new_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 1b5e22c6-3579-4395-9c32-2af87b3e54ad
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 1b5e22c6-3579-4395-9c32-2af87b3e54ad
name: struct winreg_String
name_len : 0x0012 (18)
name_size : 0x0012 (18)
name : *
name : 'Security'
type : REG_BINARY (3)
data : *
data: ARRAY(120)
[0] : 0x01 (1)
[1] : 0x00 (0)
[2] : 0x04 (4)
[3] : 0x80 (128)
[4] : 0x00 (0)
[5] : 0x00 (0)
[6] : 0x00 (0)
[7] : 0x00 (0)
[8] : 0x00 (0)
[9] : 0x00 (0)
[10] : 0x00 (0)
[11] : 0x00 (0)
[12] : 0x00 (0)
[13] : 0x00 (0)
[14] : 0x00 (0)
[15] : 0x00 (0)
[16] : 0x14 (20)
[17] : 0x00 (0)
[18] : 0x00 (0)
[19] : 0x00 (0)
[20] : 0x02 (2)
[21] : 0x00 (0)
[22] : 0x64 (100)
[23] : 0x00 (0)
[24] : 0x04 (4)
[25] : 0x00 (0)
[26] : 0x00 (0)
[27] : 0x00 (0)
[28] : 0x00 (0)
[29] : 0x00 (0)
[30] : 0x14 (20)
[31] : 0x00 (0)
[32] : 0x8d (141)
[33] : 0x01 (1)
[34] : 0x02 (2)
[35] : 0x00 (0)
[36] : 0x01 (1)
[37] : 0x01 (1)
[38] : 0x00 (0)
[39] : 0x00 (0)
[40] : 0x00 (0)
[41] : 0x00 (0)
[42] : 0x00 (0)
[43] : 0x01 (1)
[44] : 0x00 (0)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
[48] : 0x00 (0)
[49] : 0x00 (0)
[50] : 0x18 (24)
[51] : 0x00 (0)
[52] : 0xfd (253)
[53] : 0x01 (1)
[54] : 0x02 (2)
[55] : 0x00 (0)
[56] : 0x01 (1)
[57] : 0x02 (2)
[58] : 0x00 (0)
[59] : 0x00 (0)
[60] : 0x00 (0)
[61] : 0x00 (0)
[62] : 0x00 (0)
[63] : 0x05 (5)
[64] : 0x20 (32)
[65] : 0x00 (0)
[66] : 0x00 (0)
[67] : 0x00 (0)
[68] : 0x23 (35)
[69] : 0x02 (2)
[70] : 0x00 (0)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
[74] : 0x18 (24)
[75] : 0x00 (0)
[76] : 0xff (255)
[77] : 0x01 (1)
[78] : 0x0f (15)
[79] : 0x00 (0)
[80] : 0x01 (1)
[81] : 0x02 (2)
[82] : 0x00 (0)
[83] : 0x00 (0)
[84] : 0x00 (0)
[85] : 0x00 (0)
[86] : 0x00 (0)
[87] : 0x05 (5)
[88] : 0x20 (32)
[89] : 0x00 (0)
[90] : 0x00 (0)
[91] : 0x00 (0)
[92] : 0x25 (37)
[93] : 0x02 (2)
[94] : 0x00 (0)
[95] : 0x00 (0)
[96] : 0x00 (0)
[97] : 0x00 (0)
[98] : 0x18 (24)
[99] : 0x00 (0)
[100] : 0xff (255)
[101] : 0x01 (1)
[102] : 0x0f (15)
[103] : 0x00 (0)
[104] : 0x01 (1)
[105] : 0x02 (2)
[106] : 0x00 (0)
[107] : 0x00 (0)
[108] : 0x00 (0)
[109] : 0x00 (0)
[110] : 0x00 (0)
[111] : 0x05 (5)
[112] : 0x20 (32)
[113] : 0x00 (0)
[114] : 0x00 (0)
[115] : 0x00 (0)
[116] : 0x20 (32)
[117] : 0x02 (2)
[118] : 0x00 (0)
[119] : 0x00 (0)
size : 0x00000078 (120)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security:Security]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
regdb_unpack_values: value[0]: name[Security] len[120]
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 1b5e22c6-3579-4395-9c32-2af87b3e54ad
regdb_close: decrementing refcount (4->3)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
winreg_CreateKey: struct winreg_CreateKey
in: struct winreg_CreateKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
name: struct winreg_String
name_len : 0x004e (78)
name_size : 0x004e (78)
name : *
name : 'SYSTEM\CurrentControlSet\Services\WINS'
keyclass: struct winreg_String
name_len : 0x0002 (2)
name_size : 0x0002 (2)
name : *
name : ''
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
secdesc : NULL
action_taken : *
action_taken : REG_ACTION_NONE (0)
_winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS'
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regdb_close: decrementing refcount (5->4)
regkey_open_onelevel: name = [WINS]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
regdb_close: decrementing refcount (5->4)
winreg_CreateKey: struct winreg_CreateKey
out: struct winreg_CreateKey
new_handle : *
new_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
name: struct winreg_String
name_len : 0x000c (12)
name_size : 0x000c (12)
name : *
name : 'Start'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x02 (2)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Start]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS]
regdb_unpack_values: value[0]: name[Start] len[4]
regdb_unpack_values: value[1]: name[Type] len[4]
regdb_unpack_values: value[2]: name[ErrorControl] len[4]
regdb_unpack_values: value[3]: name[ObjectName] len[24]
regdb_unpack_values: value[4]: name[DisplayName] len[74]
regdb_unpack_values: value[5]: name[ImagePath] len[54]
regdb_unpack_values: value[6]: name[Description] len[178]
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
name: struct winreg_String
name_len : 0x000a (10)
name_size : 0x000a (10)
name : *
name : 'Type'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Type]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
name: struct winreg_String
name_len : 0x001a (26)
name_size : 0x001a (26)
name : *
name : 'ErrorControl'
type : REG_DWORD (4)
data : *
data: ARRAY(4)
[0] : 0x01 (1)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
size : 0x00000004 (4)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ErrorControl]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
name: struct winreg_String
name_len : 0x0016 (22)
name_size : 0x0016 (22)
name : *
name : 'ObjectName'
type : REG_SZ (1)
data : *
data: ARRAY(24)
[0] : 0x4c (76)
[1] : 0x00 (0)
[2] : 0x6f (111)
[3] : 0x00 (0)
[4] : 0x63 (99)
[5] : 0x00 (0)
[6] : 0x61 (97)
[7] : 0x00 (0)
[8] : 0x6c (108)
[9] : 0x00 (0)
[10] : 0x53 (83)
[11] : 0x00 (0)
[12] : 0x79 (121)
[13] : 0x00 (0)
[14] : 0x73 (115)
[15] : 0x00 (0)
[16] : 0x74 (116)
[17] : 0x00 (0)
[18] : 0x65 (101)
[19] : 0x00 (0)
[20] : 0x6d (109)
[21] : 0x00 (0)
[22] : 0x00 (0)
[23] : 0x00 (0)
size : 0x00000018 (24)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ObjectName]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
name: struct winreg_String
name_len : 0x0018 (24)
name_size : 0x0018 (24)
name : *
name : 'DisplayName'
type : REG_SZ (1)
data : *
data: ARRAY(74)
[0] : 0x57 (87)
[1] : 0x00 (0)
[2] : 0x69 (105)
[3] : 0x00 (0)
[4] : 0x6e (110)
[5] : 0x00 (0)
[6] : 0x64 (100)
[7] : 0x00 (0)
[8] : 0x6f (111)
[9] : 0x00 (0)
[10] : 0x77 (119)
[11] : 0x00 (0)
[12] : 0x73 (115)
[13] : 0x00 (0)
[14] : 0x20 (32)
[15] : 0x00 (0)
[16] : 0x49 (73)
[17] : 0x00 (0)
[18] : 0x6e (110)
[19] : 0x00 (0)
[20] : 0x74 (116)
[21] : 0x00 (0)
[22] : 0x65 (101)
[23] : 0x00 (0)
[24] : 0x72 (114)
[25] : 0x00 (0)
[26] : 0x6e (110)
[27] : 0x00 (0)
[28] : 0x65 (101)
[29] : 0x00 (0)
[30] : 0x74 (116)
[31] : 0x00 (0)
[32] : 0x20 (32)
[33] : 0x00 (0)
[34] : 0x4e (78)
[35] : 0x00 (0)
[36] : 0x61 (97)
[37] : 0x00 (0)
[38] : 0x6d (109)
[39] : 0x00 (0)
[40] : 0x65 (101)
[41] : 0x00 (0)
[42] : 0x20 (32)
[43] : 0x00 (0)
[44] : 0x53 (83)
[45] : 0x00 (0)
[46] : 0x65 (101)
[47] : 0x00 (0)
[48] : 0x72 (114)
[49] : 0x00 (0)
[50] : 0x76 (118)
[51] : 0x00 (0)
[52] : 0x69 (105)
[53] : 0x00 (0)
[54] : 0x63 (99)
[55] : 0x00 (0)
[56] : 0x65 (101)
[57] : 0x00 (0)
[58] : 0x20 (32)
[59] : 0x00 (0)
[60] : 0x28 (40)
[61] : 0x00 (0)
[62] : 0x57 (87)
[63] : 0x00 (0)
[64] : 0x49 (73)
[65] : 0x00 (0)
[66] : 0x4e (78)
[67] : 0x00 (0)
[68] : 0x53 (83)
[69] : 0x00 (0)
[70] : 0x29 (41)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
size : 0x0000004a (74)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:DisplayName]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
name: struct winreg_String
name_len : 0x0014 (20)
name_size : 0x0014 (20)
name : *
name : 'ImagePath'
type : REG_SZ (1)
data : *
data: ARRAY(54)
[0] : 0x2f (47)
[1] : 0x00 (0)
[2] : 0x75 (117)
[3] : 0x00 (0)
[4] : 0x73 (115)
[5] : 0x00 (0)
[6] : 0x72 (114)
[7] : 0x00 (0)
[8] : 0x2f (47)
[9] : 0x00 (0)
[10] : 0x6c (108)
[11] : 0x00 (0)
[12] : 0x69 (105)
[13] : 0x00 (0)
[14] : 0x62 (98)
[15] : 0x00 (0)
[16] : 0x2f (47)
[17] : 0x00 (0)
[18] : 0x73 (115)
[19] : 0x00 (0)
[20] : 0x61 (97)
[21] : 0x00 (0)
[22] : 0x6d (109)
[23] : 0x00 (0)
[24] : 0x62 (98)
[25] : 0x00 (0)
[26] : 0x61 (97)
[27] : 0x00 (0)
[28] : 0x2f (47)
[29] : 0x00 (0)
[30] : 0x73 (115)
[31] : 0x00 (0)
[32] : 0x76 (118)
[33] : 0x00 (0)
[34] : 0x63 (99)
[35] : 0x00 (0)
[36] : 0x63 (99)
[37] : 0x00 (0)
[38] : 0x74 (116)
[39] : 0x00 (0)
[40] : 0x6c (108)
[41] : 0x00 (0)
[42] : 0x2f (47)
[43] : 0x00 (0)
[44] : 0x6e (110)
[45] : 0x00 (0)
[46] : 0x6d (109)
[47] : 0x00 (0)
[48] : 0x62 (98)
[49] : 0x00 (0)
[50] : 0x64 (100)
[51] : 0x00 (0)
[52] : 0x00 (0)
[53] : 0x00 (0)
size : 0x00000036 (54)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ImagePath]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
name: struct winreg_String
name_len : 0x0018 (24)
name_size : 0x0018 (24)
name : *
name : 'Description'
type : REG_SZ (1)
data : *
data: ARRAY(178)
[0] : 0x49 (73)
[1] : 0x00 (0)
[2] : 0x6e (110)
[3] : 0x00 (0)
[4] : 0x74 (116)
[5] : 0x00 (0)
[6] : 0x65 (101)
[7] : 0x00 (0)
[8] : 0x72 (114)
[9] : 0x00 (0)
[10] : 0x6e (110)
[11] : 0x00 (0)
[12] : 0x61 (97)
[13] : 0x00 (0)
[14] : 0x6c (108)
[15] : 0x00 (0)
[16] : 0x20 (32)
[17] : 0x00 (0)
[18] : 0x73 (115)
[19] : 0x00 (0)
[20] : 0x65 (101)
[21] : 0x00 (0)
[22] : 0x72 (114)
[23] : 0x00 (0)
[24] : 0x76 (118)
[25] : 0x00 (0)
[26] : 0x69 (105)
[27] : 0x00 (0)
[28] : 0x63 (99)
[29] : 0x00 (0)
[30] : 0x65 (101)
[31] : 0x00 (0)
[32] : 0x20 (32)
[33] : 0x00 (0)
[34] : 0x70 (112)
[35] : 0x00 (0)
[36] : 0x72 (114)
[37] : 0x00 (0)
[38] : 0x6f (111)
[39] : 0x00 (0)
[40] : 0x76 (118)
[41] : 0x00 (0)
[42] : 0x69 (105)
[43] : 0x00 (0)
[44] : 0x64 (100)
[45] : 0x00 (0)
[46] : 0x69 (105)
[47] : 0x00 (0)
[48] : 0x6e (110)
[49] : 0x00 (0)
[50] : 0x67 (103)
[51] : 0x00 (0)
[52] : 0x20 (32)
[53] : 0x00 (0)
[54] : 0x61 (97)
[55] : 0x00 (0)
[56] : 0x20 (32)
[57] : 0x00 (0)
[58] : 0x4e (78)
[59] : 0x00 (0)
[60] : 0x65 (101)
[61] : 0x00 (0)
[62] : 0x74 (116)
[63] : 0x00 (0)
[64] : 0x42 (66)
[65] : 0x00 (0)
[66] : 0x49 (73)
[67] : 0x00 (0)
[68] : 0x4f (79)
[69] : 0x00 (0)
[70] : 0x53 (83)
[71] : 0x00 (0)
[72] : 0x20 (32)
[73] : 0x00 (0)
[74] : 0x70 (112)
[75] : 0x00 (0)
[76] : 0x6f (111)
[77] : 0x00 (0)
[78] : 0x69 (105)
[79] : 0x00 (0)
[80] : 0x6e (110)
[81] : 0x00 (0)
[82] : 0x74 (116)
[83] : 0x00 (0)
[84] : 0x2d (45)
[85] : 0x00 (0)
[86] : 0x74 (116)
[87] : 0x00 (0)
[88] : 0x6f (111)
[89] : 0x00 (0)
[90] : 0x2d (45)
[91] : 0x00 (0)
[92] : 0x70 (112)
[93] : 0x00 (0)
[94] : 0x6f (111)
[95] : 0x00 (0)
[96] : 0x69 (105)
[97] : 0x00 (0)
[98] : 0x6e (110)
[99] : 0x00 (0)
[100] : 0x74 (116)
[101] : 0x00 (0)
[102] : 0x20 (32)
[103] : 0x00 (0)
[104] : 0x6e (110)
[105] : 0x00 (0)
[106] : 0x61 (97)
[107] : 0x00 (0)
[108] : 0x6d (109)
[109] : 0x00 (0)
[110] : 0x65 (101)
[111] : 0x00 (0)
[112] : 0x20 (32)
[113] : 0x00 (0)
[114] : 0x73 (115)
[115] : 0x00 (0)
[116] : 0x65 (101)
[117] : 0x00 (0)
[118] : 0x72 (114)
[119] : 0x00 (0)
[120] : 0x76 (118)
[121] : 0x00 (0)
[122] : 0x65 (101)
[123] : 0x00 (0)
[124] : 0x72 (114)
[125] : 0x00 (0)
[126] : 0x28 (40)
[127] : 0x00 (0)
[128] : 0x6e (110)
[129] : 0x00 (0)
[130] : 0x6f (111)
[131] : 0x00 (0)
[132] : 0x74 (116)
[133] : 0x00 (0)
[134] : 0x20 (32)
[135] : 0x00 (0)
[136] : 0x72 (114)
[137] : 0x00 (0)
[138] : 0x65 (101)
[139] : 0x00 (0)
[140] : 0x6d (109)
[141] : 0x00 (0)
[142] : 0x6f (111)
[143] : 0x00 (0)
[144] : 0x74 (116)
[145] : 0x00 (0)
[146] : 0x65 (101)
[147] : 0x00 (0)
[148] : 0x6c (108)
[149] : 0x00 (0)
[150] : 0x79 (121)
[151] : 0x00 (0)
[152] : 0x20 (32)
[153] : 0x00 (0)
[154] : 0x6d (109)
[155] : 0x00 (0)
[156] : 0x61 (97)
[157] : 0x00 (0)
[158] : 0x6e (110)
[159] : 0x00 (0)
[160] : 0x61 (97)
[161] : 0x00 (0)
[162] : 0x67 (103)
[163] : 0x00 (0)
[164] : 0x65 (101)
[165] : 0x00 (0)
[166] : 0x61 (97)
[167] : 0x00 (0)
[168] : 0x62 (98)
[169] : 0x00 (0)
[170] : 0x6c (108)
[171] : 0x00 (0)
[172] : 0x65 (101)
[173] : 0x00 (0)
[174] : 0x29 (41)
[175] : 0x00 (0)
[176] : 0x00 (0)
[177] : 0x00 (0)
size : 0x000000b2 (178)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Description]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
regdb_close: decrementing refcount (4->3)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
winreg_CreateKey: struct winreg_CreateKey
in: struct winreg_CreateKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
name: struct winreg_String
name_len : 0x0060 (96)
name_size : 0x0060 (96)
name : *
name : 'SYSTEM\CurrentControlSet\Services\WINS\Security'
keyclass: struct winreg_String
name_len : 0x0002 (2)
name_size : 0x0002 (2)
name : *
name : ''
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
secdesc : NULL
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
_winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS\Security'
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regdb_close: decrementing refcount (5->4)
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
regkey_open_onelevel: name = [WINS]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
regdb_close: decrementing refcount (5->4)
regkey_open_onelevel: name = [Security]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security]
regdb_close: decrementing refcount (5->4)
winreg_CreateKey: struct winreg_CreateKey
out: struct winreg_CreateKey
new_handle : *
new_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 49cd4b43-d6d7-4016-b54f-cb90efb64762
action_taken : *
action_taken : REG_OPENED_EXISTING_KEY (2)
result : WERR_OK
winreg_SetValue: struct winreg_SetValue
in: struct winreg_SetValue
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 49cd4b43-d6d7-4016-b54f-cb90efb64762
name: struct winreg_String
name_len : 0x0012 (18)
name_size : 0x0012 (18)
name : *
name : 'Security'
type : REG_BINARY (3)
data : *
data: ARRAY(120)
[0] : 0x01 (1)
[1] : 0x00 (0)
[2] : 0x04 (4)
[3] : 0x80 (128)
[4] : 0x00 (0)
[5] : 0x00 (0)
[6] : 0x00 (0)
[7] : 0x00 (0)
[8] : 0x00 (0)
[9] : 0x00 (0)
[10] : 0x00 (0)
[11] : 0x00 (0)
[12] : 0x00 (0)
[13] : 0x00 (0)
[14] : 0x00 (0)
[15] : 0x00 (0)
[16] : 0x14 (20)
[17] : 0x00 (0)
[18] : 0x00 (0)
[19] : 0x00 (0)
[20] : 0x02 (2)
[21] : 0x00 (0)
[22] : 0x64 (100)
[23] : 0x00 (0)
[24] : 0x04 (4)
[25] : 0x00 (0)
[26] : 0x00 (0)
[27] : 0x00 (0)
[28] : 0x00 (0)
[29] : 0x00 (0)
[30] : 0x14 (20)
[31] : 0x00 (0)
[32] : 0x8d (141)
[33] : 0x01 (1)
[34] : 0x02 (2)
[35] : 0x00 (0)
[36] : 0x01 (1)
[37] : 0x01 (1)
[38] : 0x00 (0)
[39] : 0x00 (0)
[40] : 0x00 (0)
[41] : 0x00 (0)
[42] : 0x00 (0)
[43] : 0x01 (1)
[44] : 0x00 (0)
[45] : 0x00 (0)
[46] : 0x00 (0)
[47] : 0x00 (0)
[48] : 0x00 (0)
[49] : 0x00 (0)
[50] : 0x18 (24)
[51] : 0x00 (0)
[52] : 0xfd (253)
[53] : 0x01 (1)
[54] : 0x02 (2)
[55] : 0x00 (0)
[56] : 0x01 (1)
[57] : 0x02 (2)
[58] : 0x00 (0)
[59] : 0x00 (0)
[60] : 0x00 (0)
[61] : 0x00 (0)
[62] : 0x00 (0)
[63] : 0x05 (5)
[64] : 0x20 (32)
[65] : 0x00 (0)
[66] : 0x00 (0)
[67] : 0x00 (0)
[68] : 0x23 (35)
[69] : 0x02 (2)
[70] : 0x00 (0)
[71] : 0x00 (0)
[72] : 0x00 (0)
[73] : 0x00 (0)
[74] : 0x18 (24)
[75] : 0x00 (0)
[76] : 0xff (255)
[77] : 0x01 (1)
[78] : 0x0f (15)
[79] : 0x00 (0)
[80] : 0x01 (1)
[81] : 0x02 (2)
[82] : 0x00 (0)
[83] : 0x00 (0)
[84] : 0x00 (0)
[85] : 0x00 (0)
[86] : 0x00 (0)
[87] : 0x05 (5)
[88] : 0x20 (32)
[89] : 0x00 (0)
[90] : 0x00 (0)
[91] : 0x00 (0)
[92] : 0x25 (37)
[93] : 0x02 (2)
[94] : 0x00 (0)
[95] : 0x00 (0)
[96] : 0x00 (0)
[97] : 0x00 (0)
[98] : 0x18 (24)
[99] : 0x00 (0)
[100] : 0xff (255)
[101] : 0x01 (1)
[102] : 0x0f (15)
[103] : 0x00 (0)
[104] : 0x01 (1)
[105] : 0x02 (2)
[106] : 0x00 (0)
[107] : 0x00 (0)
[108] : 0x00 (0)
[109] : 0x00 (0)
[110] : 0x00 (0)
[111] : 0x05 (5)
[112] : 0x20 (32)
[113] : 0x00 (0)
[114] : 0x00 (0)
[115] : 0x00 (0)
[116] : 0x20 (32)
[117] : 0x02 (2)
[118] : 0x00 (0)
[119] : 0x00 (0)
size : 0x00000078 (120)
_winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security:Security]
tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security]
regdb_unpack_values: value[0]: name[Security] len[120]
winreg_SetValue: struct winreg_SetValue
out: struct winreg_SetValue
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 49cd4b43-d6d7-4016-b54f-cb90efb64762
regdb_close: decrementing refcount (4->3)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
regdb_close: decrementing refcount (3->2)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
regdb_close: decrementing refcount (2->1)
regdb_close: decrementing refcount (1->0)
dcesrv_interface_register: Interface 'svcctl' registered on endpoint 'ncacn_np:[\pipe\svcctl]' (single process required)
dcesrv_interface_register: Interface 'svcctl' registered on endpoint 'ncalrpc:' (single process required)
dcesrv_interface_register: Interface 'ntsvcs' registered on endpoint 'ncacn_np:[\pipe\ntsvcs]' (single process required)
dcesrv_interface_register: Interface 'ntsvcs' registered on endpoint 'ncacn_np:[\pipe\plugplay]' (single process required)
Initialise the eventlog registry keys if needed.
make_internal_ncacn_conn: Create pipe requested winreg
Created internal pipe winreg
winreg_OpenHKLM: struct winreg_OpenHKLM
in: struct winreg_OpenHKLM
system_name : NULL
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
regkey_open_onelevel: name = [HKLM]
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
regdb_open: registry db opened. refcount reset (1)
reghook_cache_find: Searching for keyname [\HKLM]
pathtree_find: Enter [\HKLM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM]
winreg_OpenHKLM: struct winreg_OpenHKLM
out: struct winreg_OpenHKLM
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 3d2db9c1-02aa-45b9-a156-1dcc203ce978
result : WERR_OK
winreg_OpenKey: struct winreg_OpenKey
in: struct winreg_OpenKey
parent_handle : *
parent_handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : 3d2db9c1-02aa-45b9-a156-1dcc203ce978
keyname: struct winreg_String
name_len : 0x0056 (86)
name_size : 0x0056 (86)
name : *
name : 'SYSTEM\CurrentControlSet\Services\Eventlog'
options : 0x00000000 (0)
0: REG_OPTION_VOLATILE
0: REG_OPTION_CREATE_LINK
0: REG_OPTION_BACKUP_RESTORE
0: REG_OPTION_OPEN_LINK
access_mask : 0x02000000 (33554432)
0: KEY_QUERY_VALUE
0: KEY_SET_VALUE
0: KEY_CREATE_SUB_KEY
0: KEY_ENUMERATE_SUB_KEYS
0: KEY_NOTIFY
0: KEY_CREATE_LINK
0: KEY_WOW64_64KEY
0: KEY_WOW64_32KEY
regkey_open_onelevel: name = [SYSTEM]
regdb_open: incrementing refcount (1->2)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
pathtree_find: Enter [\HKLM\SYSTEM]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
regkey_open_onelevel: name = [CurrentControlSet]
regdb_open: incrementing refcount (2->3)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
regkey_open_onelevel: name = [Services]
regdb_open: incrementing refcount (3->4)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
regkey_open_onelevel: name = [Eventlog]
regdb_open: incrementing refcount (4->5)
reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
pathtree_find: Exit
reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
regdb_close: decrementing refcount (5->4)
regdb_close: decrementing refcount (4->3)
regdb_close: decrementing refcount (3->2)
winreg_OpenKey: struct winreg_OpenKey
out: struct winreg_OpenKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : e7f396b6-1f78-498e-a4be-c4f4d44c134b
result : WERR_OK
winreg_QueryInfoKey: struct winreg_QueryInfoKey
in: struct winreg_QueryInfoKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : e7f396b6-1f78-498e-a4be-c4f4d44c134b
classname : *
classname: struct winreg_String
name_len : 0x0000 (0)
name_size : 0x0000 (0)
name : NULL
fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Eventlog' (ops 0xb6c0524c)
regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
regdb_unpack_values: value[0]: name[DisplayName] len[20]
regdb_unpack_values: value[1]: name[ErrorControl] len[4]
regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
winreg_QueryInfoKey: struct winreg_QueryInfoKey
out: struct winreg_QueryInfoKey
classname : *
classname: struct winreg_String
name_len : 0x0000 (0)
name_size : 0x0000 (0)
name : NULL
num_subkeys : *
num_subkeys : 0x00000000 (0)
max_subkeylen : *
max_subkeylen : 0x00000000 (0)
max_classlen : *
max_classlen : 0x00000000 (0)
num_values : *
num_values : 0x00000002 (2)
max_valnamelen : *
max_valnamelen : 0x0000001a (26)
max_valbufsize : *
max_valbufsize : 0x00000014 (20)
secdescsize : *
secdescsize : 0x00000078 (120)
last_changed_time : *
last_changed_time : NTTIME(0)
result : WERR_OK
winreg_CloseKey: struct winreg_CloseKey
in: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000001 (1)
uuid : e7f396b6-1f78-498e-a4be-c4f4d44c134b
regdb_close: decrementing refcount (2->1)
winreg_CloseKey: struct winreg_CloseKey
out: struct winreg_CloseKey
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 00000000-0000-0000-0000-000000000000
result : WERR_OK
regdb_close: decrementing refcount (1->0)
dcesrv_interface_register: Interface 'eventlog' registered on endpoint 'ncacn_np:[\pipe\eventlog]' (single process required)
dcesrv_interface_register: Interface 'initshutdown' registered on endpoint 'ncacn_np:[\pipe\InitShutdown]' (single process required)
dcesrv_init: Initializing DCE/RPC connection endpoints
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\InitShutdown]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 25 for initshutdown
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\InitShutdown]' for 'initshutdown' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\eventlog]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 26 for eventlog
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\eventlog]' for 'eventlog' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\plugplay]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 27 for plugplay
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\plugplay]' for 'ntsvcs' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\ntsvcs]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 28 for ntsvcs
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\ntsvcs]' for 'ntsvcs' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\svcctl]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 29 for svcctl
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\svcctl]' for 'svcctl' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\wkssvc]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 30 for wkssvc
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\wkssvc]' for 'wkssvc' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\netdfs]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 31 for netdfs
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\netdfs]' for 'netdfs' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\samr]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 32 for samr
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\samr]' for 'samr' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\lsass]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 33 for lsass
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\lsass]' for 'dssetup' 'lsarpc' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\lsarpc]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 34 for lsarpc
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\lsarpc]' for 'dssetup' 'lsarpc' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\netlogon]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 35 for netlogon
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\netlogon]' for 'lsarpc' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\srvsvc]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 36 for srvsvc
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\srvsvc]' for 'srvsvc' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncalrpc:'
dcesrv_create_ncalrpc_socket: Opened ncalrpc socket fd '37' for '/var/run/samba/ncalrpc/DEFAULT'
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncalrpc:[DEFAULT]' for 'svcctl' 'wkssvc' 'dssetup' 'netdfs' 'samr' 'lsarpc' 'srvsvc' 'winreg' 'mgmt'
dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\winreg]'
dcesrv_create_ncacn_np_socket: Opened pipe socket fd 38 for winreg
dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\winreg]' for 'winreg' 'mgmt'
daemon_ready: daemon 'smbd' finished starting up and ready to serve connections
bind succeeded on port 445
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 0
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 120
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_REUSEPORT = 1
SO_SNDBUF = 16384
SO_RCVBUF = 131072
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 120
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 16
IPTOS_THROUGHPUT = 16
SO_REUSEPORT = 1
SO_SNDBUF = 16384
SO_RCVBUF = 131072
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
bind succeeded on port 445
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 0
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 120
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_REUSEPORT = 1
SO_SNDBUF = 16384
SO_RCVBUF = 131072
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 120
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 16
IPTOS_THROUGHPUT = 16
SO_REUSEPORT = 1
SO_SNDBUF = 16384
SO_RCVBUF = 131072
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
Registering messaging pointer for type 13 - private_data=0
Registering messaging pointer for type 33 - private_data=0xb5e6ce70
Registering messaging pointer for type 783 - private_data=0
Registering messaging pointer for type 1 - private_data=0
Overriding messaging pointer for type 1 - private_data=0
Registering messaging pointer for type 770 - private_data=0
Registering messaging pointer for type 801 - private_data=0
Registering messaging pointer for type 790 - private_data=0
Registering messaging pointer for type 791 - private_data=0
Registering messaging pointer for type 15 - private_data=0
Registering messaging pointer for type 16 - private_data=0
Registering messaging pointer for type 799 - private_data=0
waiting for connections
messaging_recv_cb: Received message 0x31f len 0 (num_fds:0) from 2814
messaging_dgm_send: Sending message to 2815
messaging_recv_cb: Received message 0x31f len 0 (num_fds:0) from 2812
messaging_dgm_send: Sending message to 2814
messaging_recv_cb: Received message 0x31f len 0 (num_fds:0) from 2812
msg_dgm_ref_destructor: refs=0
messaging_dgm_ref: messaging_dgm_init returned No error information
messaging_dgm_ref: unique = 10169109332985008142
Registered MSG_REQ_POOL_USAGE
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
smbXsrv_client_create: client_guid[00000000-0000-0000-0000-000000000000] created
&client_blob: struct smbXsrv_clientB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_clientU(case 0)
info0 : *
info0: struct smbXsrv_client
table : *
raw_ev_ctx : *
msg_ctx : *
global : *
global: struct smbXsrv_client_global0
db_rec : NULL
server_id: struct server_id
pid : 0x0000000000000b00 (2816)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
local_address : NULL
remote_address : NULL
remote_name : NULL
initial_connect_time : Fri Jun 17 06:24:29 2022 UTC
client_guid : 00000000-0000-0000-0000-000000000000
stored : 0x00 (0)
sconn : NULL
session_table : NULL
tcon_table : NULL
open_table : NULL
connections : NULL
server_multi_channel_enabled: 0x00 (0)
next_channel_id : 0x0000000000000000 (0)
connection_pass_subreq : NULL
pending_breaks : NULL
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 120
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 16
IPTOS_THROUGHPUT = 16
SO_REUSEPORT = 1
SO_SNDBUF = 44800
SO_RCVBUF = 131072
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 120
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 16
IPTOS_THROUGHPUT = 16
SO_REUSEPORT = 1
SO_SNDBUF = 44800
SO_RCVBUF = 131072
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
Allowed connection from 192.168.1.10 (192.168.1.10)
Connection allowed from ipv4:192.168.1.10:33674 to ipv4:192.168.1.250:445
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Jun 17 06:07:48 2022
init_oplocks: initializing messages.
Registering messaging pointer for type 774 - private_data=0xb5a30e70
Registering messaging pointer for type 778 - private_data=0xb5a30e70
Registering messaging pointer for type 770 - private_data=0xb5a30e70
Registering messaging pointer for type 801 - private_data=0xb5a30e70
Registering messaging pointer for type 787 - private_data=0xb5a30e70
Registering messaging pointer for type 779 - private_data=0xb5a30e70
Registering messaging pointer for type 15 - private_data=0
Overriding messaging pointer for type 15 - private_data=0
Deregistering messaging pointer for type 16 - private_data=0
Registering messaging pointer for type 16 - private_data=0xb5a30e70
Deregistering messaging pointer for type 33 - private_data=0xb5e6ce70
Registering messaging pointer for type 33 - private_data=0xb5a30e70
Deregistering messaging pointer for type 790 - private_data=0
Registering messaging pointer for type 790 - private_data=0xb5a30e70
Deregistering messaging pointer for type 791 - private_data=0
Deregistering messaging pointer for type 1 - private_data=0
Registering messaging pointer for type 1 - private_data=0
event_add_idle: idle_evt(keepalive) 0xb52367c0
event_add_idle: idle_evt(deadtime) 0xb5236840
event_add_idle: idle_evt(housekeeping) 0xb52368c0
got smb length of 166
got message type 0x0 of len 0xa6
Transaction 0 of length 170 (0 toread)
smbd_smb2_first_negprot: packet length 166
smb2_validate_sequence_number: smb2_validate_sequence_number: clearing id 0 (position 0) from bitmap
smbd_smb2_request_dispatch: opcode[SMB2_OP_NEGPROT] mid = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
change_to_root_user: now uid=(0,0) gid=(0,0)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
set_remote_arch: Client arch is 'Vista'
INFO: Current debug levels:
all: 10
tdb: 10
printdrivers: 10
lanman: 10
smb: 10
rpc_parse: 10
rpc_srv: 10
rpc_cli: 10
passdb: 10
sam: 10
auth: 10
winbind: 10
vfs: 10
idmap: 10
quota: 10
acls: 10
locking: 10
msdfs: 10
dmapi: 10
registry: 10
scavenger: 10
dns: 10
ldb: 10
tevent: 10
auth_audit: 10
auth_json_audit: 10
kerberos: 10
drs_repl: 10
smb2: 10
smb2_credits: 10
dsdb_audit: 10
dsdb_json_audit: 10
dsdb_password_audit: 10
dsdb_password_json_audit: 10
dsdb_transaction_audit: 10
dsdb_transaction_json_audit: 10
dsdb_group_audit: 10
dsdb_group_json_audit: 10
lp_file_list_changed()
file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Jun 17 06:07:48 2022
Selected protocol SMB3_11
make_auth3_context_for_ntlm: Making default auth method list for server role = 'standalone server', encrypt passwords = yes
Attempting to register auth backend anonymous
Successfully added auth method 'anonymous'
Attempting to register auth backend sam
Successfully added auth method 'sam'
Attempting to register auth backend sam_ignoredomain
Successfully added auth method 'sam_ignoredomain'
Attempting to register auth backend sam_netlogon3
Successfully added auth method 'sam_netlogon3'
Attempting to register auth backend unix
Successfully added auth method 'unix'
load_auth_module: Attempting to find an auth method to match anonymous
load_auth_module: auth method anonymous has a valid init
load_auth_module: Attempting to find an auth method to match sam_ignoredomain
load_auth_module: auth method sam_ignoredomain has a valid init
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism ntlmssp
gensec_update_send: spnego[0xb522fe70]: subreq: 0xb68b1370
gensec_update_done: spnego[0xb522fe70]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0xb68b1370/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)] state[struct gensec_spnego_update_state (0xb68b1450)] timer[0] finish[../../auth/gensec/spnego.c:2116]
smbd_smb2_request_done_ex: mid [0] idx[1] status[NT_STATUS_OK] body[64] dyn[yes:140] at ../../source3/smbd/smb2_negprot.c:667
smb2_set_operation_credit: smb2_set_operation_credit: requested 31, charge 1, granted 1, current possible/max 8192/8192, total granted/max/low/range 1/8192/1/1
smbd_smb2_request idx[1] of 5 vectors
smb2_validate_sequence_number: smb2_validate_sequence_number: clearing id 1 (position 1) from bitmap
smbd_smb2_request_dispatch: opcode[SMB2_OP_SESSSETUP] mid = 1
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
change_to_root_user: now uid=(0,0) gid=(0,0)
dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_session_global.tdb
lock order: 1:/var/lock/smbXsrv_session_global.tdb 2:<none> 3:<none> 4:<none>
db_tdb_log_key: Locking key 7E555992
db_tdb_fetch_locked_internal: Allocated locked data 0xb6388cd0
dbwrap_watched_subrec_wakeup_fn: No watchers
smbXsrv_session_global_store: key '7E555992' stored
&global_blob: struct smbXsrv_session_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000001 (1)
info : union smbXsrv_session_globalU(case 0)
info0 : *
info0: struct smbXsrv_session_global0
db_rec : *
session_global_id : 0x7e555992 (2119522706)
session_wire_id : 0x000000007e555992 (2119522706)
creation_time : Fri Jun 17 06:24:29 2022 UTC
expiration_time : Tue Jan 19 03:14:07 2038 UTC
auth_time : NTTIME(0)
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0311 (785)
signing_flags : 0x00 (0)
0: SMBXSRV_SIGNING_REQUIRED
0: SMBXSRV_PROCESSED_SIGNED_PACKET
0: SMBXSRV_PROCESSED_UNSIGNED_PACKET
encryption_flags : 0x00 (0)
0: SMBXSRV_ENCRYPTION_REQUIRED
0: SMBXSRV_ENCRYPTION_DESIRED
0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
0: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
signing_key : NULL
encryption_key : NULL
decryption_key : NULL
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000000b00 (2816)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
channel_id : 0x0000000000000000 (0)
creation_time : Fri Jun 17 06:24:29 2022 UTC
local_address : 'ipv4:192.168.1.250:445'
remote_address : 'ipv4:192.168.1.10:33674'
remote_name : '192.168.1.10'
signing_key : NULL
auth_session_info_seqnum : 0x00000000 (0)
connection : *
encryption_cipher : 0x0000 (0)
dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_session_global.tdb
db_tdb_log_key: Unlocking key 7E555992
smbXsrv_session_create: global_id (0x7e555992) stored
&session_blob: struct smbXsrv_sessionB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_sessionU(case 0)
info0 : *
info0: struct smbXsrv_session
table : *
db_rec : NULL
client : *
local_id : 0x7e555992 (2119522706)
global : *
global: struct smbXsrv_session_global0
db_rec : NULL
session_global_id : 0x7e555992 (2119522706)
session_wire_id : 0x000000007e555992 (2119522706)
creation_time : Fri Jun 17 06:24:29 2022 UTC
expiration_time : Tue Jan 19 03:14:07 2038 UTC
auth_time : NTTIME(0)
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0311 (785)
signing_flags : 0x00 (0)
0: SMBXSRV_SIGNING_REQUIRED
0: SMBXSRV_PROCESSED_SIGNED_PACKET
0: SMBXSRV_PROCESSED_UNSIGNED_PACKET
encryption_flags : 0x00 (0)
0: SMBXSRV_ENCRYPTION_REQUIRED
0: SMBXSRV_ENCRYPTION_DESIRED
0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
0: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
signing_key : NULL
encryption_key : NULL
decryption_key : NULL
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000000b00 (2816)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
channel_id : 0x0000000000000000 (0)
creation_time : Fri Jun 17 06:24:29 2022 UTC
local_address : 'ipv4:192.168.1.250:445'
remote_address : 'ipv4:192.168.1.10:33674'
remote_name : '192.168.1.10'
signing_key : NULL
auth_session_info_seqnum : 0x00000000 (0)
connection : *
encryption_cipher : 0x0000 (0)
status : NT_STATUS_MORE_PROCESSING_REQUIRED
idle_time : Fri Jun 17 06:24:29 2022 UTC
nonce_high_random : 0x0000000000000000 (0)
nonce_high_max : 0x0000000000000000 (0)
nonce_high : 0x0000000000000000 (0)
nonce_low : 0x0000000000000000 (0)
tcon_table : *
homes_snum : 0xffffffff (4294967295)
pending_auth : NULL
make_auth3_context_for_ntlm: Making default auth method list for server role = 'standalone server', encrypt passwords = yes
load_auth_module: Attempting to find an auth method to match anonymous
load_auth_module: auth method anonymous has a valid init
load_auth_module: Attempting to find an auth method to match sam_ignoredomain
load_auth_module: auth method sam_ignoredomain has a valid init
Starting GENSEC mechanism spnego
dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_session_global.tdb
lock order: 1:/var/lock/smbXsrv_session_global.tdb 2:<none> 3:<none> 4:<none>
db_tdb_log_key: Locking key 7E555992
db_tdb_fetch_locked_internal: Allocated locked data 0xb6553cc0
dbwrap_watched_subrec_wakeup_fn: No watchers
smbXsrv_session_global_store: key '7E555992' stored
&global_blob: struct smbXsrv_session_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000002 (2)
info : union smbXsrv_session_globalU(case 0)
info0 : *
info0: struct smbXsrv_session_global0
db_rec : *
session_global_id : 0x7e555992 (2119522706)
session_wire_id : 0x000000007e555992 (2119522706)
creation_time : Fri Jun 17 06:24:29 2022 UTC
expiration_time : Tue Jan 19 03:14:07 2038 UTC
auth_time : NTTIME(0)
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0311 (785)
signing_flags : 0x00 (0)
0: SMBXSRV_SIGNING_REQUIRED
0: SMBXSRV_PROCESSED_SIGNED_PACKET
0: SMBXSRV_PROCESSED_UNSIGNED_PACKET
encryption_flags : 0x00 (0)
0: SMBXSRV_ENCRYPTION_REQUIRED
0: SMBXSRV_ENCRYPTION_DESIRED
0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
0: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
signing_key : NULL
encryption_key : NULL
decryption_key : NULL
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000000b00 (2816)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
channel_id : 0x0000000000000000 (0)
creation_time : Fri Jun 17 06:24:29 2022 UTC
local_address : 'ipv4:192.168.1.250:445'
remote_address : 'ipv4:192.168.1.10:33674'
remote_name : '192.168.1.10'
signing_key : NULL
auth_session_info_seqnum : 0x00000000 (0)
connection : *
encryption_cipher : 0x0000 (0)
dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_session_global.tdb
db_tdb_log_key: Unlocking key 7E555992
smbXsrv_session_update: global_id (0x7e555992) stored
&session_blob: struct smbXsrv_sessionB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_sessionU(case 0)
info0 : *
info0: struct smbXsrv_session
table : *
db_rec : NULL
client : *
local_id : 0x7e555992 (2119522706)
global : *
global: struct smbXsrv_session_global0
db_rec : NULL
session_global_id : 0x7e555992 (2119522706)
session_wire_id : 0x000000007e555992 (2119522706)
creation_time : Fri Jun 17 06:24:29 2022 UTC
expiration_time : Tue Jan 19 03:14:07 2038 UTC
auth_time : NTTIME(0)
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0311 (785)
signing_flags : 0x00 (0)
0: SMBXSRV_SIGNING_REQUIRED
0: SMBXSRV_PROCESSED_SIGNED_PACKET
0: SMBXSRV_PROCESSED_UNSIGNED_PACKET
encryption_flags : 0x00 (0)
0: SMBXSRV_ENCRYPTION_REQUIRED
0: SMBXSRV_ENCRYPTION_DESIRED
0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
0: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
signing_key : NULL
encryption_key : NULL
decryption_key : NULL
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000000b00 (2816)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
channel_id : 0x0000000000000000 (0)
creation_time : Fri Jun 17 06:24:29 2022 UTC
local_address : 'ipv4:192.168.1.250:445'
remote_address : 'ipv4:192.168.1.10:33674'
remote_name : '192.168.1.10'
signing_key : NULL
auth_session_info_seqnum : 0x00000000 (0)
connection : *
encryption_cipher : 0x0000 (0)
status : NT_STATUS_MORE_PROCESSING_REQUIRED
idle_time : Fri Jun 17 06:24:29 2022 UTC
nonce_high_random : 0x0000000000000000 (0)
nonce_high_max : 0x0000000000000000 (0)
nonce_high : 0x0000000000000000 (0)
nonce_low : 0x0000000000000000 (0)
tcon_table : *
homes_snum : 0xffffffff (4294967295)
pending_auth : *
pending_auth: struct smbXsrv_session_auth0
prev : *
next : NULL
session : *
connection : *
gensec : *
preauth : *
in_flags : 0x00 (0)
in_security_mode : 0x01 (1)
creation_time : Fri Jun 17 06:24:29 2022 UTC
idle_time : Fri Jun 17 06:24:29 2022 UTC
channel_id : 0x0000000000000000 (0)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
Starting GENSEC submechanism ntlmssp
Got NTLMSSP neg_flags=0x62088215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
NTLMSSP_NEGOTIATE_VERSION
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
negotiate: struct NEGOTIATE_MESSAGE
Signature : 'NTLMSSP'
MessageType : NtLmNegotiate (1)
NegotiateFlags : 0x62088215 (1644724757)
1: NTLMSSP_NEGOTIATE_UNICODE
0: NTLMSSP_NEGOTIATE_OEM
1: NTLMSSP_REQUEST_TARGET
1: NTLMSSP_NEGOTIATE_SIGN
0: NTLMSSP_NEGOTIATE_SEAL
0: NTLMSSP_NEGOTIATE_DATAGRAM
0: NTLMSSP_NEGOTIATE_LM_KEY
0: NTLMSSP_NEGOTIATE_NETWARE
1: NTLMSSP_NEGOTIATE_NTLM
0: NTLMSSP_NEGOTIATE_NT_ONLY
0: NTLMSSP_ANONYMOUS
0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
0: NTLMSSP_TARGET_TYPE_DOMAIN
0: NTLMSSP_TARGET_TYPE_SERVER
0: NTLMSSP_TARGET_TYPE_SHARE
1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
0: NTLMSSP_NEGOTIATE_IDENTIFY
0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
0: NTLMSSP_NEGOTIATE_TARGET_INFO
1: NTLMSSP_NEGOTIATE_VERSION
1: NTLMSSP_NEGOTIATE_128
1: NTLMSSP_NEGOTIATE_KEY_EXCH
0: NTLMSSP_NEGOTIATE_56
DomainNameLen : 0x0000 (0)
DomainNameMaxLen : 0x0000 (0)
DomainName : *
DomainName : ''
WorkstationLen : 0x0000 (0)
WorkstationMaxLen : 0x0000 (0)
Workstation : *
Workstation : ''
Version: struct ntlmssp_VERSION
ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (6)
ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (1)
ProductBuild : 0x0000 (0)
Reserved: ARRAY(3)
[0] : 0x00 (0)
[1] : 0x00 (0)
[2] : 0x00 (0)
NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (15)
short string '', sent with NULL termination despite NOTERM flag in IDL
challenge: struct CHALLENGE_MESSAGE
Signature : 'NTLMSSP'
MessageType : NtLmChallenge (0x2)
TargetNameLen : 0x000c (12)
TargetNameMaxLen : 0x000c (12)
TargetName : *
TargetName : 'ZALUPA'
NegotiateFlags : 0x628a8215 (1653244437)
1: NTLMSSP_NEGOTIATE_UNICODE
0: NTLMSSP_NEGOTIATE_OEM
1: NTLMSSP_REQUEST_TARGET
1: NTLMSSP_NEGOTIATE_SIGN
0: NTLMSSP_NEGOTIATE_SEAL
0: NTLMSSP_NEGOTIATE_DATAGRAM
0: NTLMSSP_NEGOTIATE_LM_KEY
0: NTLMSSP_NEGOTIATE_NETWARE
1: NTLMSSP_NEGOTIATE_NTLM
0: NTLMSSP_NEGOTIATE_NT_ONLY
0: NTLMSSP_ANONYMOUS
0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
0: NTLMSSP_TARGET_TYPE_DOMAIN
1: NTLMSSP_TARGET_TYPE_SERVER
0: NTLMSSP_TARGET_TYPE_SHARE
1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
0: NTLMSSP_NEGOTIATE_IDENTIFY
0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
1: NTLMSSP_NEGOTIATE_TARGET_INFO
1: NTLMSSP_NEGOTIATE_VERSION
1: NTLMSSP_NEGOTIATE_128
1: NTLMSSP_NEGOTIATE_KEY_EXCH
0: NTLMSSP_NEGOTIATE_56
ServerChallenge : f14c1b3240d37380
Reserved : 0000000000000000
TargetInfoLen : 0x004c (76)
TargetInfoMaxLen : 0x004c (76)
TargetInfo : *
TargetInfo: struct AV_PAIR_LIST
count : 0x00000006 (6)
pair: ARRAY(6)
pair: struct AV_PAIR
AvId : MsvAvNbDomainName (0x2)
AvLen : 0x000c (12)
Value : union ntlmssp_AvValue(case 0x2)
AvNbDomainName : 'ZALUPA'
pair: struct AV_PAIR
AvId : MsvAvNbComputerName (0x1)
AvLen : 0x000c (12)
Value : union ntlmssp_AvValue(case 0x1)
AvNbComputerName : 'ZALUPA'
pair: struct AV_PAIR
AvId : MsvAvDnsDomainName (0x4)
AvLen : 0x0002 (2)
Value : union ntlmssp_AvValue(case 0x4)
AvDnsDomainName : ''
pair: struct AV_PAIR
AvId : MsvAvDnsComputerName (0x3)
AvLen : 0x0012 (18)
Value : union ntlmssp_AvValue(case 0x3)
AvDnsComputerName : 'localhost'
pair: struct AV_PAIR
AvId : MsvAvTimestamp (0x7)
AvLen : 0x0008 (8)
Value : union ntlmssp_AvValue(case 0x7)
AvTimestamp : Fri Jun 17 06:24:29 2022 UTC
pair: struct AV_PAIR
AvId : MsvAvEOL (0x0)
AvLen : 0x0000 (0)
Value : union ntlmssp_AvValue(case 0x0)
Version: struct ntlmssp_VERSION
ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (0x6)
ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (0x1)
ProductBuild : 0x0000 (0)
Reserved : 000000
NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (0xF)
gensec_update_send: ntlmssp[0xb5236bc0]: subreq: 0xb546dc80
gensec_update_send: spnego[0xb5236a40]: subreq: 0xb59ce370
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
gensec_update_done: ntlmssp[0xb5236bc0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0xb546dc80/../../auth/ntlmssp/ntlmssp.c:180]: state[2] error[0 (0x0)] state[struct gensec_ntlmssp_update_state (0xb546dd60)] timer[0] finish[../../auth/ntlmssp/ntlmssp.c:215]
gensec_update_done: spnego[0xb5236a40]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0xb59ce370/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)] state[struct gensec_spnego_update_state (0xb59ce450)] timer[0] finish[../../auth/gensec/spnego.c:2116]
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
smbd_smb2_request_done_ex: mid [1] idx[1] status[NT_STATUS_MORE_PROCESSING_REQUIRED] body[8] dyn[yes:175] at ../../source3/smbd/smb2_sesssetup.c:183
smb2_set_operation_credit: smb2_set_operation_credit: requested 8192, charge 1, granted 1, current possible/max 8192/8192, total granted/max/low/range 1/8192/2/1
smbd_smb2_request idx[1] of 5 vectors
smb2_validate_sequence_number: smb2_validate_sequence_number: clearing id 2 (position 2) from bitmap
smbd_smb2_request_dispatch: opcode[SMB2_OP_SESSSETUP] mid = 2
dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_session_global.tdb
lock order: 1:/var/lock/smbXsrv_session_global.tdb 2:<none> 3:<none> 4:<none>
db_tdb_log_key: Locking key 7E555992
db_tdb_fetch_locked_internal: Allocated locked data 0xb695fe10
dbwrap_watched_subrec_wakeup_fn: No watchers
smbXsrv_session_global_store: key '7E555992' stored
&global_blob: struct smbXsrv_session_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000003 (3)
info : union smbXsrv_session_globalU(case 0)
info0 : *
info0: struct smbXsrv_session_global0
db_rec : *
session_global_id : 0x7e555992 (2119522706)
session_wire_id : 0x000000007e555992 (2119522706)
creation_time : Fri Jun 17 06:24:29 2022 UTC
expiration_time : Tue Jan 19 03:14:07 2038 UTC
auth_time : NTTIME(0)
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0311 (785)
signing_flags : 0x04 (4)
0: SMBXSRV_SIGNING_REQUIRED
0: SMBXSRV_PROCESSED_SIGNED_PACKET
1: SMBXSRV_PROCESSED_UNSIGNED_PACKET
encryption_flags : 0x08 (8)
0: SMBXSRV_ENCRYPTION_REQUIRED
0: SMBXSRV_ENCRYPTION_DESIRED
0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
1: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
signing_key : NULL
encryption_key : NULL
decryption_key : NULL
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000000b00 (2816)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
channel_id : 0x0000000000000000 (0)
creation_time : Fri Jun 17 06:24:29 2022 UTC
local_address : 'ipv4:192.168.1.250:445'
remote_address : 'ipv4:192.168.1.10:33674'
remote_name : '192.168.1.10'
signing_key : NULL
auth_session_info_seqnum : 0x00000000 (0)
connection : *
encryption_cipher : 0x0000 (0)
dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_session_global.tdb
db_tdb_log_key: Unlocking key 7E555992
smbXsrv_session_update: global_id (0x7e555992) stored
&session_blob: struct smbXsrv_sessionB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_sessionU(case 0)
info0 : *
info0: struct smbXsrv_session
table : *
db_rec : NULL
client : *
local_id : 0x7e555992 (2119522706)
global : *
global: struct smbXsrv_session_global0
db_rec : NULL
session_global_id : 0x7e555992 (2119522706)
session_wire_id : 0x000000007e555992 (2119522706)
creation_time : Fri Jun 17 06:24:29 2022 UTC
expiration_time : Tue Jan 19 03:14:07 2038 UTC
auth_time : NTTIME(0)
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0311 (785)
signing_flags : 0x04 (4)
0: SMBXSRV_SIGNING_REQUIRED
0: SMBXSRV_PROCESSED_SIGNED_PACKET
1: SMBXSRV_PROCESSED_UNSIGNED_PACKET
encryption_flags : 0x08 (8)
0: SMBXSRV_ENCRYPTION_REQUIRED
0: SMBXSRV_ENCRYPTION_DESIRED
0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
1: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
signing_key : NULL
encryption_key : NULL
decryption_key : NULL
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000000b00 (2816)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
channel_id : 0x0000000000000000 (0)
creation_time : Fri Jun 17 06:24:29 2022 UTC
local_address : 'ipv4:192.168.1.250:445'
remote_address : 'ipv4:192.168.1.10:33674'
remote_name : '192.168.1.10'
signing_key : NULL
auth_session_info_seqnum : 0x00000000 (0)
connection : *
encryption_cipher : 0x0000 (0)
status : NT_STATUS_MORE_PROCESSING_REQUIRED
idle_time : Fri Jun 17 06:24:29 2022 UTC
nonce_high_random : 0x0000000000000000 (0)
nonce_high_max : 0x0000000000000000 (0)
nonce_high : 0x0000000000000000 (0)
nonce_low : 0x0000000000000000 (0)
tcon_table : *
homes_snum : 0xffffffff (4294967295)
pending_auth : *
pending_auth: struct smbXsrv_session_auth0
prev : *
next : NULL
session : *
connection : *
gensec : *
preauth : *
in_flags : 0x00 (0)
in_security_mode : 0x01 (1)
creation_time : Fri Jun 17 06:24:29 2022 UTC
idle_time : Fri Jun 17 06:24:29 2022 UTC
channel_id : 0x0000000000000000 (0)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
change_to_root_user: now uid=(0,0) gid=(0,0)
dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_session_global.tdb
lock order: 1:/var/lock/smbXsrv_session_global.tdb 2:<none> 3:<none> 4:<none>
db_tdb_log_key: Locking key 7E555992
db_tdb_fetch_locked_internal: Allocated locked data 0xb6577c80
dbwrap_watched_subrec_wakeup_fn: No watchers
smbXsrv_session_global_store: key '7E555992' stored
&global_blob: struct smbXsrv_session_globalB
version : SMBXSRV_VERSION_0 (0)
seqnum : 0x00000004 (4)
info : union smbXsrv_session_globalU(case 0)
info0 : *
info0: struct smbXsrv_session_global0
db_rec : *
session_global_id : 0x7e555992 (2119522706)
session_wire_id : 0x000000007e555992 (2119522706)
creation_time : Fri Jun 17 06:24:29 2022 UTC
expiration_time : Tue Jan 19 03:14:07 2038 UTC
auth_time : NTTIME(0)
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0311 (785)
signing_flags : 0x04 (4)
0: SMBXSRV_SIGNING_REQUIRED
0: SMBXSRV_PROCESSED_SIGNED_PACKET
1: SMBXSRV_PROCESSED_UNSIGNED_PACKET
encryption_flags : 0x08 (8)
0: SMBXSRV_ENCRYPTION_REQUIRED
0: SMBXSRV_ENCRYPTION_DESIRED
0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
1: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
signing_key : NULL
encryption_key : NULL
decryption_key : NULL
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000000b00 (2816)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
channel_id : 0x0000000000000000 (0)
creation_time : Fri Jun 17 06:24:29 2022 UTC
local_address : 'ipv4:192.168.1.250:445'
remote_address : 'ipv4:192.168.1.10:33674'
remote_name : '192.168.1.10'
signing_key : NULL
auth_session_info_seqnum : 0x00000000 (0)
connection : *
encryption_cipher : 0x0000 (0)
dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_session_global.tdb
db_tdb_log_key: Unlocking key 7E555992
smbXsrv_session_update: global_id (0x7e555992) stored
&session_blob: struct smbXsrv_sessionB
version : SMBXSRV_VERSION_0 (0)
reserved : 0x00000000 (0)
info : union smbXsrv_sessionU(case 0)
info0 : *
info0: struct smbXsrv_session
table : *
db_rec : NULL
client : *
local_id : 0x7e555992 (2119522706)
global : *
global: struct smbXsrv_session_global0
db_rec : NULL
session_global_id : 0x7e555992 (2119522706)
session_wire_id : 0x000000007e555992 (2119522706)
creation_time : Fri Jun 17 06:24:29 2022 UTC
expiration_time : Tue Jan 19 03:14:07 2038 UTC
auth_time : NTTIME(0)
auth_session_info_seqnum : 0x00000000 (0)
auth_session_info : NULL
connection_dialect : 0x0311 (785)
signing_flags : 0x04 (4)
0: SMBXSRV_SIGNING_REQUIRED
0: SMBXSRV_PROCESSED_SIGNED_PACKET
1: SMBXSRV_PROCESSED_UNSIGNED_PACKET
encryption_flags : 0x08 (8)
0: SMBXSRV_ENCRYPTION_REQUIRED
0: SMBXSRV_ENCRYPTION_DESIRED
0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
1: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
signing_key : NULL
encryption_key : NULL
decryption_key : NULL
num_channels : 0x00000001 (1)
channels: ARRAY(1)
channels: struct smbXsrv_channel_global0
server_id: struct server_id
pid : 0x0000000000000b00 (2816)
task_id : 0x00000000 (0)
vnn : 0xffffffff (4294967295)
unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
channel_id : 0x0000000000000000 (0)
creation_time : Fri Jun 17 06:24:29 2022 UTC
local_address : 'ipv4:192.168.1.250:445'
remote_address : 'ipv4:192.168.1.10:33674'
remote_name : '192.168.1.10'
signing_key : NULL
auth_session_info_seqnum : 0x00000000 (0)
connection : *
encryption_cipher : 0x0000 (0)
status : NT_STATUS_MORE_PROCESSING_REQUIRED
idle_time : Fri Jun 17 06:24:29 2022 UTC
nonce_high_random : 0x0000000000000000 (0)
nonce_high_max : 0x0000000000000000 (0)
nonce_high : 0x0000000000000000 (0)
nonce_low : 0x0000000000000000 (0)
tcon_table : *
homes_snum : 0xffffffff (4294967295)
pending_auth : *
pending_auth: struct smbXsrv_session_auth0
prev : *
next : NULL
session : *
connection : *
gensec : *
preauth : *
in_flags : 0x00 (0)
in_security_mode : 0x01 (1)
creation_time : Fri Jun 17 06:24:29 2022 UTC
idle_time : Fri Jun 17 06:24:29 2022 UTC
channel_id : 0x0000000000000000 (0)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
short string '', sent with NULL termination despite NOTERM flag in IDL
authenticate: struct AUTHENTICATE_MESSAGE
Signature : 'NTLMSSP'
MessageType : NtLmAuthenticate (3)
LmChallengeResponseLen : 0x0018 (24)
LmChallengeResponseMaxLen: 0x0018 (24)
LmChallengeResponse : *
LmChallengeResponse : union ntlmssp_LM_RESPONSE_with_len(case 24)
v1: struct LM_RESPONSE
Response : 000000000000000000000000000000000000000000000000
NtChallengeResponseLen : 0x00f0 (240)
NtChallengeResponseMaxLen: 0x00f0 (240)
NtChallengeResponse : *
NtChallengeResponse : union ntlmssp_NTLM_RESPONSE_with_len(case 240)
v2: struct NTLMv2_RESPONSE
Response : f56c39cd9bbed52f265fe8e89441d11b
Challenge: struct NTLMv2_CLIENT_CHALLENGE
RespType : 0x01 (1)
HiRespType : 0x01 (1)
Reserved1 : 0x0000 (0)
Reserved2 : 0x00000000 (0)
TimeStamp : Fri Jun 17 06:24:29 2022 UTC
ChallengeFromClient : 1e4cc3a1d73513c2
Reserved3 : 0x00000000 (0)
AvPairs: struct AV_PAIR_LIST
count : 0x0000000a (10)
pair: ARRAY(10)
pair: struct AV_PAIR
AvId : MsvAvNbDomainName (0x2)
AvLen : 0x000c (12)
Value : union ntlmssp_AvValue(case 0x2)
AvNbDomainName : 'ZALUPA'
pair: struct AV_PAIR
AvId : MsvAvNbComputerName (0x1)
AvLen : 0x000c (12)
Value : union ntlmssp_AvValue(case 0x1)
AvNbComputerName : 'ZALUPA'
pair: struct AV_PAIR
AvId : MsvAvDnsDomainName (0x4)
AvLen : 0x0002 (2)
Value : union ntlmssp_AvValue(case 0x4)
AvDnsDomainName : ''
pair: struct AV_PAIR
AvId : MsvAvDnsComputerName (0x3)
AvLen : 0x0012 (18)
Value : union ntlmssp_AvValue(case 0x3)
AvDnsComputerName : 'localhost'
pair: struct AV_PAIR
AvId : MsvAvTimestamp (0x7)
AvLen : 0x0008 (8)
Value : union ntlmssp_AvValue(case 0x7)
AvTimestamp : Fri Jun 17 06:24:29 2022 UTC
pair: struct AV_PAIR
AvId : MsvAvFlags (0x6)
AvLen : 0x0004 (4)
Value : union ntlmssp_AvValue(case 0x6)
AvFlags : 0x00000002 (2)
0: NTLMSSP_AVFLAG_CONSTRAINTED_ACCOUNT
1: NTLMSSP_AVFLAG_MIC_IN_AUTHENTICATE_MESSAGE
0: NTLMSSP_AVFLAG_TARGET_SPN_FROM_UNTRUSTED_SOURCE
pair: struct AV_PAIR
AvId : MsvAvSingleHost (0x8)
AvLen : 0x0030 (48)
Value : union ntlmssp_AvValue(case 0x8)
AvSingleHost: struct ntlmssp_SingleHostData
Size : 0x00000030 (48)
Z4 : 0x00000000 (0)
token_info: struct LSAP_TOKEN_INFO_INTEGRITY
Flags : 0x00000000 (0)
TokenIL : 0x00000000 (0)
MachineId : 7969e1bb5a679eabae86f2535f1149654f4926a205ea239f17fb49c576bba7f3
remaining : DATA_BLOB length=0
pair: struct AV_PAIR
AvId : MsvChannelBindings (0xA)
AvLen : 0x0010 (16)
Value : union ntlmssp_AvValue(case 0xA)
ChannelBindings : 00000000000000000000000000000000
pair: struct AV_PAIR
AvId : MsvAvTargetName (0x9)
AvLen : 0x0024 (36)
Value : union ntlmssp_AvValue(case 0x9)
AvTargetName : 'cifs/192.168.1.250'
pair: struct AV_PAIR
AvId : MsvAvEOL (0x0)
AvLen : 0x0000 (0)
Value : union ntlmssp_AvValue(case 0x0)
DomainNameLen : 0x0012 (18)
DomainNameMaxLen : 0x0012 (18)
DomainName : *
DomainName : 'WORKGROUP'
UserNameLen : 0x0010 (16)
UserNameMaxLen : 0x0010 (16)
UserName : *
UserName : 'useruser'
WorkstationLen : 0x000c (12)
WorkstationMaxLen : 0x000c (12)
Workstation : *
Workstation : 'LINUPS'
EncryptedRandomSessionKeyLen: 0x0010 (16)
EncryptedRandomSessionKeyMaxLen: 0x0010 (16)
EncryptedRandomSessionKey: *
EncryptedRandomSessionKey: DATA_BLOB length=16
[0000] DA 03 29 AB 2B 8D 6C 14 78 71 62 A7 E6 96 E9 DD ..).+.l. xqb.....
NegotiateFlags : 0x62088215 (1644724757)
1: NTLMSSP_NEGOTIATE_UNICODE
0: NTLMSSP_NEGOTIATE_OEM
1: NTLMSSP_REQUEST_TARGET
1: NTLMSSP_NEGOTIATE_SIGN
0: NTLMSSP_NEGOTIATE_SEAL
0: NTLMSSP_NEGOTIATE_DATAGRAM
0: NTLMSSP_NEGOTIATE_LM_KEY
0: NTLMSSP_NEGOTIATE_NETWARE
1: NTLMSSP_NEGOTIATE_NTLM
0: NTLMSSP_NEGOTIATE_NT_ONLY
0: NTLMSSP_ANONYMOUS
0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
0: NTLMSSP_TARGET_TYPE_DOMAIN
0: NTLMSSP_TARGET_TYPE_SERVER
0: NTLMSSP_TARGET_TYPE_SHARE
1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
0: NTLMSSP_NEGOTIATE_IDENTIFY
0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
0: NTLMSSP_NEGOTIATE_TARGET_INFO
1: NTLMSSP_NEGOTIATE_VERSION
1: NTLMSSP_NEGOTIATE_128
1: NTLMSSP_NEGOTIATE_KEY_EXCH
0: NTLMSSP_NEGOTIATE_56
Version: struct ntlmssp_VERSION
ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (6)
ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (1)
ProductBuild : 0x0000 (0)
Reserved: ARRAY(3)
[0] : 0x00 (0)
[1] : 0x00 (0)
[2] : 0x00 (0)
NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (15)
Got user=[useruser] domain=[WORKGROUP] workstation=[LINUPS] len1=24 len2=240
short string '', sent with NULL termination despite NOTERM flag in IDL
&v2_resp: struct NTLMv2_RESPONSE
Response : f56c39cd9bbed52f265fe8e89441d11b
Challenge: struct NTLMv2_CLIENT_CHALLENGE
RespType : 0x01 (1)
HiRespType : 0x01 (1)
Reserved1 : 0x0000 (0)
Reserved2 : 0x00000000 (0)
TimeStamp : Fri Jun 17 06:24:29 2022 UTC
ChallengeFromClient : 1e4cc3a1d73513c2
Reserved3 : 0x00000000 (0)
AvPairs: struct AV_PAIR_LIST
count : 0x0000000a (10)
pair: ARRAY(10)
pair: struct AV_PAIR
AvId : MsvAvNbDomainName (0x2)
AvLen : 0x000c (12)
Value : union ntlmssp_AvValue(case 0x2)
AvNbDomainName : 'ZALUPA'
pair: struct AV_PAIR
AvId : MsvAvNbComputerName (0x1)
AvLen : 0x000c (12)
Value : union ntlmssp_AvValue(case 0x1)
AvNbComputerName : 'ZALUPA'
pair: struct AV_PAIR
AvId : MsvAvDnsDomainName (0x4)
AvLen : 0x0002 (2)
Value : union ntlmssp_AvValue(case 0x4)
AvDnsDomainName : ''
pair: struct AV_PAIR
AvId : MsvAvDnsComputerName (0x3)
AvLen : 0x0012 (18)
Value : union ntlmssp_AvValue(case 0x3)
AvDnsComputerName : 'localhost'
pair: struct AV_PAIR
AvId : MsvAvTimestamp (0x7)
AvLen : 0x0008 (8)
Value : union ntlmssp_AvValue(case 0x7)
AvTimestamp : Fri Jun 17 06:24:29 2022 UTC
pair: struct AV_PAIR
AvId : MsvAvFlags (0x6)
AvLen : 0x0004 (4)
Value : union ntlmssp_AvValue(case 0x6)
AvFlags : 0x00000002 (2)
0: NTLMSSP_AVFLAG_CONSTRAINTED_ACCOUNT
1: NTLMSSP_AVFLAG_MIC_IN_AUTHENTICATE_MESSAGE
0: NTLMSSP_AVFLAG_TARGET_SPN_FROM_UNTRUSTED_SOURCE
pair: struct AV_PAIR
AvId : MsvAvSingleHost (0x8)
AvLen : 0x0030 (48)
Value : union ntlmssp_AvValue(case 0x8)
AvSingleHost: struct ntlmssp_SingleHostData
Size : 0x00000030 (48)
Z4 : 0x00000000 (0)
token_info: struct LSAP_TOKEN_INFO_INTEGRITY
Flags : 0x00000000 (0)
TokenIL : 0x00000000 (0)
MachineId : 7969e1bb5a679eabae86f2535f1149654f4926a205ea239f17fb49c576bba7f3
remaining : DATA_BLOB length=0
pair: struct AV_PAIR
AvId : MsvChannelBindings (0xA)
AvLen : 0x0010 (16)
Value : union ntlmssp_AvValue(case 0xA)
ChannelBindings : 00000000000000000000000000000000
pair: struct AV_PAIR
AvId : MsvAvTargetName (0x9)
AvLen : 0x0024 (36)
Value : union ntlmssp_AvValue(case 0x9)
AvTargetName : 'cifs/192.168.1.250'
pair: struct AV_PAIR
AvId : MsvAvEOL (0x0)
AvLen : 0x0000 (0)
Value : union ntlmssp_AvValue(case 0x0)
Mapping user [WORKGROUP]\[useruser] from workstation [LINUPS]
attempting to make a user_info for useruser (useruser)
making strings for useruser's user_info struct
making blobs for useruser's user_info struct
made a user_info for useruser (useruser)
check_ntlm_password: Checking password for unmapped user [WORKGROUP]\[useruser]@[LINUPS] with the new password interface
check_ntlm_password: mapped user is: [WORKGROUP]\[useruser]@[LINUPS]
check_ntlm_password: auth_context challenge created by random
challenge is:
Check auth for: [useruser]
auth_check_ntlm_password: anonymous had nothing to say
auth_sam_ignoredomain_auth: Check auth for: [WORKGROUP]\[useruser]
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
getsampwnam (smbpasswd): search by name: useruser
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
getsmbfilepwent: skipping comment or blank line
getsmbfilepwent: LM password for user nobody invalidated
getsmbfilepwent: returning passwd entry for user nobody, uid 0
getsmbfilepwent: LM password for user useruser invalidated
getsmbfilepwent: returning passwd entry for user useruser, uid 65533
endsmbfilepwent_internal: closed password file.
getsampwnam (smbpasswd): found by name: useruser
Finding user useruser
Trying _Get_Pwnam(), username as lowercase is useruser
Get_Pwnam_internals did find user [useruser]!
pdb_set_username: setting username useruser, was
pdb_set_full_name: setting full name nobody, was
pdb_set_domain: setting domain ZALUPA, was
Home server: ZALUPA
pdb_set_profile_path: setting profile path \\ZALUPA\useruser\profile, was
Home server: ZALUPA
pdb_set_homedir: setting home dir \\ZALUPA\useruser, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid S-1-5-21-3939785350-4027435424-1589595352-132066
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-3939785350-4027435424-1589595352-132066 from rid 132066
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
push_conn_ctx(0) : conn_ctx_stack_ndx = 2
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
account_policy_get: name: maximum password age, val: -1
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
push_conn_ctx(0) : conn_ctx_stack_ndx = 2
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
xid_to_sid: GID 65534 -> S-1-22-2-65534 fallback
Forcing Primary Group to 'Domain Users' for useruser
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
push_conn_ctx(0) : conn_ctx_stack_ndx = 2
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
account_policy_get: name: password history, val: 0
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
pdb_set_username: setting username useruser, was
pdb_set_domain: setting domain ZALUPA, was
pdb_set_nt_username: setting nt username , was
pdb_set_full_name: setting full name nobody, was
Home server: ZALUPA
pdb_set_homedir: setting home dir \\ZALUPA\useruser, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
Home server: ZALUPA
pdb_set_profile_path: setting profile path \\ZALUPA\useruser\profile, was
pdb_set_workstations: setting workstations , was
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
push_conn_ctx(0) : conn_ctx_stack_ndx = 2
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
account_policy_get: name: password history, val: 0
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
pdb_set_user_sid: setting user sid S-1-5-21-3939785350-4027435424-1589595352-132066
pdb_set_user_sid_from_rid:
setting user sid S-1-5-21-3939785350-4027435424-1589595352-132066 from rid 132066
pdb_set_group_sid: setting group sid S-1-5-21-3939785350-4027435424-1589595352-513
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
ntlm_password_check: Checking NTLMv2 password with domain [WORKGROUP]
sam_account_ok: Checking SMB password for user useruser
logon_hours_ok: user useruser allowed to logon at this time (Fri Jun 17 06:24:28 2022
)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
account_policy_get: name: maximum password age, val: -1
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
Finding user useruser
Trying _Get_Pwnam(), username as lowercase is useruser
Get_Pwnam_internals did find user [useruser]!
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
push_conn_ctx(0) : conn_ctx_stack_ndx = 2
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
account_policy_get: name: minimum password age, val: 0
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
push_conn_ctx(0) : conn_ctx_stack_ndx = 2
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
account_policy_get: name: maximum password age, val: -1
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
Finding user useruser
Trying _Get_Pwnam(), username as lowercase is useruser
Get_Pwnam_internals did find user [useruser]!
sys_getgrouplist: user [useruser]
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
push_conn_ctx(0) : conn_ctx_stack_ndx = 2
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
xid_to_sid: GID 65534 -> S-1-22-2-65534 fallback
make_server_info_sam: made server info for user useruser -> useruser
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
auth_check_ntlm_password: sam_ignoredomain authentication for user [useruser] succeeded
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
check_ntlm_password: PAM Account for user [useruser] succeeded
messaging_dgm_send: Sending message to 2815
messaging_recv_cb: Received message 0x314 len 0 (num_fds:0) from 2812
messaging_dgm_cleanup: Cleaning up : No error information
smbd_cleanupd_process_exited: cleaned up pid 2816