1. root@zalupa:~# /usr/sbin/smbd -F -S --no-process-group -d10
  2. INFO: Current debug levels:
  3. all: 10
  4. tdb: 10
  5. printdrivers: 10
  6. lanman: 10
  7. smb: 10
  8. rpc_parse: 10
  9. rpc_srv: 10
  10. rpc_cli: 10
  11. passdb: 10
  12. sam: 10
  13. auth: 10
  14. winbind: 10
  15. vfs: 10
  16. idmap: 10
  17. quota: 10
  18. acls: 10
  19. locking: 10
  20. msdfs: 10
  21. dmapi: 10
  22. registry: 10
  23. scavenger: 10
  24. dns: 10
  25. ldb: 10
  26. tevent: 10
  27. auth_audit: 10
  28. auth_json_audit: 10
  29. kerberos: 10
  30. drs_repl: 10
  31. smb2: 10
  32. smb2_credits: 10
  33. dsdb_audit: 10
  34. dsdb_json_audit: 10
  35. dsdb_password_audit: 10
  36. dsdb_password_json_audit: 10
  37. dsdb_transaction_audit: 10
  38. dsdb_transaction_json_audit: 10
  39. dsdb_group_audit: 10
  40. dsdb_group_json_audit: 10
  41. smbd version 4.14.12 started.
  42. Copyright Andrew Tridgell and the Samba Team 1992-2021
  43. uid=0 gid=0 euid=0 egid=0
  44. Paths:
  45. SBINDIR: /usr/sbin
  46. BINDIR: /usr/bin
  47. CONFIGFILE: /etc/samba/smb.conf
  48. LOGFILEBASE: /var/log
  49. LMHOSTSFILE: /etc/samba/lmhosts
  50. LIBDIR: /usr/lib
  51. DATADIR: /usr/share
  52. SAMBA_DATADIR: /usr/share/samba
  53. MODULESDIR: /usr/lib/samba
  54. SHLIBEXT: so
  55. LOCKDIR: /var/lock
  56. STATEDIR: /var/lib/samba
  57. CACHEDIR: /var/cache/samba
  58. PIDDIR: /var/run
  59. SMB_PASSWD_FILE: /etc/samba/smbpasswd
  60. PRIVATE_DIR: /etc/samba
  61. BINDDNS_DIR: /var/lib/samba/bind-dns
  62. System Headers:
  63. HAVE_SYS_ACL_H
  64. HAVE_SYS_AUXV_H
  65. HAVE_SYS_CAPABILITY_H
  66. HAVE_SYS_DIR_H
  67. HAVE_SYS_EPOLL_H
  68. HAVE_SYS_EVENTFD_H
  69. HAVE_SYS_FCNTL_H
  70. HAVE_SYS_FILE_H
  71. HAVE_SYS_INOTIFY_H
  72. HAVE_SYS_IOCTL_H
  73. HAVE_SYS_IPC_H
  74. HAVE_SYS_KERNEL_PROC_CORE_PATTERN
  75. HAVE_SYS_MMAN_H
  76. HAVE_SYS_MOUNT_H
  77. HAVE_SYS_PARAM_H
  78. HAVE_SYS_PRCTL_H
  79. HAVE_SYS_RESOURCE_H
  80. HAVE_SYS_SELECT_H
  81. HAVE_SYS_SENDFILE_H
  82. HAVE_SYS_SHM_H
  83. HAVE_SYS_SOCKET_H
  84. HAVE_SYS_STATFS_H
  85. HAVE_SYS_STATVFS_H
  86. HAVE_SYS_STAT_H
  87. HAVE_SYS_STROPTS_H
  88. HAVE_SYS_SYSCALL_H
  89. HAVE_SYS_SYSLOG_H
  90. HAVE_SYS_SYSMACROS_H
  91. HAVE_SYS_TERMIOS_H
  92. HAVE_SYS_TIMEB_H
  93. HAVE_SYS_TIMES_H
  94. HAVE_SYS_TIME_H
  95. HAVE_SYS_TYPES_H
  96. HAVE_SYS_UCONTEXT_H
  97. HAVE_SYS_UIO_H
  98. HAVE_SYS_UN_H
  99. HAVE_SYS_UTSNAME_H
  100. HAVE_SYS_VFS_H
  101. HAVE_SYS_WAIT_H
  102. HAVE_SYS_XATTR_H
  103. Headers:
  104. HAVE_ACL_LIBACL_H
  105. HAVE_ALLOCA_H
  106. HAVE_ARPA_INET_H
  107. HAVE_ARPA_NAMESER_H
  108. HAVE_ASM_TYPES_H
  109. HAVE_ASM_UNISTD_H
  110. HAVE_ASSERT_H
  111. HAVE_ATTR_ATTRIBUTES_H
  112. HAVE_COM_ERR_H
  113. HAVE_CONFIG_H
  114. HAVE_CRYPT_H
  115. HAVE_CTYPE_H
  116. HAVE_CURSES_H
  117. HAVE_DIRENT_H
  118. HAVE_DLFCN_H
  119. HAVE_ENDIAN_H
  120. HAVE_ERRNO_H
  121. HAVE_ERR_H
  122. HAVE_FCNTL_H
  123. HAVE_FLOAT_H
  124. HAVE_FNMATCH_H
  125. HAVE_FTW_H
  126. HAVE_GETOPT_H
  127. HAVE_GLOB_H
  128. HAVE_GNUTLS_GNUTLS_H
  129. HAVE_GPFS_H
  130. HAVE_GRP_H
  131. HAVE_GSSAPI_GSSAPI_H
  132. HAVE_GSSAPI_GSSAPI_KRB5_H
  133. HAVE_GSSAPI_GSSAPI_SPNEGO_H
  134. HAVE_ICONV_H
  135. HAVE_IFADDRS_H
  136. HAVE_INTTYPES_H
  137. HAVE_KRB5_H
  138. HAVE_KRB5_LOCATE_PLUGIN_H
  139. HAVE_LANGINFO_H
  140. HAVE_LASTLOG_H
  141. HAVE_LIBGEN_H
  142. HAVE_LIBURING_H
  143. HAVE_LIMITS_H
  144. HAVE_LINUX_ETHTOOL_H
  145. HAVE_LINUX_FALLOC_H
  146. HAVE_LINUX_FCNTL_H
  147. HAVE_LINUX_FS_H
  148. HAVE_LINUX_IOCTL_H
  149. HAVE_LINUX_SOCKIOS_H
  150. HAVE_LINUX_TYPES_H
  151. HAVE_LOCALE_H
  152. HAVE_MALLOC_H
  153. HAVE_MEMORY_H
  154. HAVE_MNTENT_H
  155. HAVE_NETDB_H
  156. HAVE_NETINET_IN_H
  157. HAVE_NETINET_IN_SYSTM_H
  158. HAVE_NETINET_IP_H
  159. HAVE_NETINET_TCP_H
  160. HAVE_NET_IF_H
  161. HAVE_POLL_H
  162. HAVE_POPT_H
  163. HAVE_PTHREAD_H
  164. HAVE_PTY_H
  165. HAVE_PWD_H
  166. HAVE_READLINE_HISTORY_H
  167. HAVE_READLINE_READLINE_H
  168. HAVE_RESOLV_H
  169. HAVE_RPC_NETTYPE_H
  170. HAVE_RPC_RPC_H
  171. HAVE_RPC_XDR_H
  172. HAVE_SCHED_H
  173. HAVE_SETJMP_H
  174. HAVE_SHADOW_H
  175. HAVE_SIGNAL_H
  176. HAVE_STDARG_H
  177. HAVE_STDATOMIC_H
  178. HAVE_STDBOOL_H
  179. HAVE_STDDEF_H
  180. HAVE_STDINT_H
  181. HAVE_STDIO_H
  182. HAVE_STDLIB_H
  183. HAVE_STRINGS_H
  184. HAVE_STRING_H
  185. HAVE_STROPTS_H
  186. HAVE_SYSCALL_H
  187. HAVE_SYSLOG_H
  188. HAVE_TERMCAP_H
  189. HAVE_TERMIOS_H
  190. HAVE_TERM_H
  191. HAVE_TIME_H
  192. HAVE_UNISTD_H
  193. HAVE_UTIME_H
  194. HAVE_ZLIB_H
  195. UTMP Options:
  196. HAVE_UTMPX_H
  197. HAVE_UTMP_H
  198. HAVE_* Defines:
  199. HAVE_ADDR_TYPE_IN_KRB5_ADDRESS
  200. HAVE_AP_OPTS_USE_SUBKEY
  201. HAVE_ASPRINTF
  202. HAVE_ATEXIT
  203. HAVE_ATOMIC_THREAD_FENCE
  204. HAVE_ATOMIC_THREAD_FENCE_SUPPORT
  205. HAVE_BASENAME
  206. HAVE_BLKCNT_T
  207. HAVE_BLKSIZE_T
  208. HAVE_BOOL
  209. HAVE_BSD_STRTOLL
  210. HAVE_BZERO
  211. HAVE_C99_VSNPRINTF
  212. HAVE_CAP_GET_PROC
  213. HAVE_CHARSET_CP850
  214. HAVE_CHARSET_UTF_8
  215. HAVE_CHECKSUM_IN_KRB5_CHECKSUM
  216. HAVE_CHMOD
  217. HAVE_CHOWN
  218. HAVE_CHROOT
  219. HAVE_CLEARENV
  220. HAVE_CLOCK_GETTIME
  221. HAVE_CLOCK_MONOTONIC
  222. HAVE_CLOCK_PROCESS_CPUTIME_ID
  223. HAVE_CLOCK_REALTIME
  224. HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS
  225. HAVE_CONNECT
  226. HAVE_CONSTRUCTOR_ATTRIBUTE
  227. HAVE_COPY_FILE_RANGE
  228. HAVE_CPPFUNCTION
  229. HAVE_CRYPT
  230. HAVE_CRYPT_R
  231. HAVE_DECL_ASPRINTF
  232. HAVE_DECL_DLOPEN
  233. HAVE_DECL_EWOULDBLOCK
  234. HAVE_DECL_FDATASYNC
  235. HAVE_DECL_FS_COMPR_FL
  236. HAVE_DECL_FS_IOC_GETFLAGS
  237. HAVE_DECL_GETTIMEOFDAY
  238. HAVE_DECL_H_ERRNO
  239. HAVE_DECL_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE
  240. HAVE_DECL_KRB5_GET_CREDENTIALS_FOR_USER
  241. HAVE_DECL_MALLOC
  242. HAVE_DECL_MEMALIGN
  243. HAVE_DECL_PTHREAD_MUTEX_ROBUST
  244. HAVE_DECL_READAHEAD
  245. HAVE_DECL_RL_EVENT_HOOK
  246. HAVE_DECL_SNPRINTF
  247. HAVE_DECL_STRPTIME
  248. HAVE_DECL_VASPRINTF
  249. HAVE_DECL_VSNPRINTF
  250. HAVE_DECL__RES
  251. HAVE_DESTRUCTOR_ATTRIBUTE
  252. HAVE_DES_PCBC_ENCRYPT
  253. HAVE_DIRENT_D_OFF
  254. HAVE_DIRFD
  255. HAVE_DIRFD_DECL
  256. HAVE_DIRNAME
  257. HAVE_DISABLE_FAULT_HANDLING
  258. HAVE_DLCLOSE
  259. HAVE_DLERROR
  260. HAVE_DLOPEN
  261. HAVE_DLSYM
  262. HAVE_DN_EXPAND
  263. HAVE_DPRINTF
  264. HAVE_DUP2
  265. HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96
  266. HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96
  267. HAVE_ENCTYPE_ARCFOUR_HMAC
  268. HAVE_ENCTYPE_ARCFOUR_HMAC_MD5
  269. HAVE_ENCTYPE_ARCFOUR_HMAC_MD5_56
  270. HAVE_ENDHOSTENT
  271. HAVE_ENDMNTENT
  272. HAVE_ENVIRON_DECL
  273. HAVE_EPOLL
  274. HAVE_EPOLL_CREATE
  275. HAVE_ERR
  276. HAVE_ERRNO_DECL
  277. HAVE_ERRX
  278. HAVE_ETHTOOL
  279. HAVE_ETYPE_IN_ENCRYPTEDDATA
  280. HAVE_EVENTFD
  281. HAVE_EXECL
  282. HAVE_E_DATA_POINTER_IN_KRB5_ERROR
  283. HAVE_FALLOCATE
  284. HAVE_FALLOC_FL_PUNCH_HOLE
  285. HAVE_FALLTHROUGH_ATTRIBUTE
  286. HAVE_FCHMOD
  287. HAVE_FCHOWN
  288. HAVE_FCNTL_LOCK
  289. HAVE_FDATASYNC
  290. HAVE_FDOPENDIR
  291. HAVE_FLAGS_IN_KRB5_CREDS
  292. HAVE_FLOCK
  293. HAVE_FMEMOPEN
  294. HAVE_FREEADDRINFO
  295. HAVE_FREEIFADDRS
  296. HAVE_FREE_CHECKSUM
  297. HAVE_FRSIZE
  298. HAVE_FSEEKO
  299. HAVE_FSID_INT
  300. HAVE_FSTATAT
  301. HAVE_FSYNC
  302. HAVE_FTRUNCATE
  303. HAVE_FTRUNCATE_EXTEND
  304. HAVE_FUNCTION_MACRO
  305. HAVE_FUTIMENS
  306. HAVE_FUTIMES
  307. HAVE_F_OWNER_EX
  308. HAVE_F_SETLEASE_DECL
  309. HAVE_GAI_STRERROR
  310. HAVE_GCC_VOLATILE_MEMORY_PROTECTION
  311. HAVE_GETADDRINFO
  312. HAVE_GETAUXVAL
  313. HAVE_GETCWD
  314. HAVE_GETGRENT
  315. HAVE_GETGRGID_R
  316. HAVE_GETGRNAM
  317. HAVE_GETGRNAM_R
  318. HAVE_GETGROUPLIST
  319. HAVE_GETHOSTBYADDR
  320. HAVE_GETHOSTBYNAME
  321. HAVE_GETHOSTBYNAME_R
  322. HAVE_GETHOSTENT
  323. HAVE_GETHOSTNAME
  324. HAVE_GETIFADDRS
  325. HAVE_GETMNTENT
  326. HAVE_GETNAMEINFO
  327. HAVE_GETPAGESIZE
  328. HAVE_GETPGRP
  329. HAVE_GETPWNAM
  330. HAVE_GETPWNAM_R
  331. HAVE_GETPWUID_R
  332. HAVE_GETRLIMIT
  333. HAVE_GETSPNAM
  334. HAVE_GETTIMEOFDAY_TZ_VOID
  335. HAVE_GETXATTR
  336. HAVE_GET_CURRENT_DIR_NAME
  337. HAVE_GLOB
  338. HAVE_GNUTLS
  339. HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2
  340. HAVE_GNUTLS_AES_CFB8
  341. HAVE_GNUTLS_AES_CMAC
  342. HAVE_GNUTLS_CRYPTO_POLICIES
  343. HAVE_GNUTLS_GET_SYSTEM_CONFIG_FILE
  344. HAVE_GNUTLS_PKCS7_GET_EMBEDDED_DATA_OID
  345. HAVE_GNUTLS_SET_DEFAULT_PRIORITY_APPEND
  346. HAVE_GPFS
  347. HAVE_GRANTPT
  348. HAVE_GSSAPI
  349. HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT
  350. HAVE_GSSKRB5_GET_SUBKEY
  351. HAVE_GSS_DISPLAY_STATUS
  352. HAVE_GSS_EXPORT_CRED
  353. HAVE_GSS_IMPORT_CRED
  354. HAVE_GSS_INQUIRE_SEC_CONTEXT_BY_OID
  355. HAVE_GSS_KRB5_CRED_NO_CI_FLAGS_X
  356. HAVE_GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT
  357. HAVE_GSS_KRB5_IMPORT_CRED
  358. HAVE_GSS_OID_EQUAL
  359. HAVE_GSS_WRAP_IOV
  360. HAVE_HISTORY_LIST
  361. HAVE_HSTRERROR
  362. HAVE_H_ERRNO
  363. HAVE_ICONV_ERRNO_ILLEGAL_MULTIBYTE
  364. HAVE_ICONV_OPEN
  365. HAVE_IF_NAMETOINDEX
  366. HAVE_IMMEDIATE_STRUCTURES
  367. HAVE_INET_ATON
  368. HAVE_INET_NTOA
  369. HAVE_INET_NTOP
  370. HAVE_INET_PTON
  371. HAVE_INITGROUPS
  372. HAVE_INITIALIZE_KRB5_ERROR_TABLE
  373. HAVE_INOTIFY
  374. HAVE_INOTIFY_INIT
  375. HAVE_INO_T
  376. HAVE_INT16_T
  377. HAVE_INT32_T
  378. HAVE_INT64_T
  379. HAVE_INT8_T
  380. HAVE_INTPTR_T
  381. HAVE_IO_URING_RING_DONTFORK
  382. HAVE_IPV6
  383. HAVE_IPV6_V6ONLY
  384. HAVE_ISATTY
  385. HAVE_KERNEL_OPLOCKS_LINUX
  386. HAVE_KERNEL_SHARE_MODES
  387. HAVE_KRB5
  388. HAVE_KRB5_ADDRESSES
  389. HAVE_KRB5_AUTH_CON_SETKEY
  390. HAVE_KRB5_CC_COPY_CACHE
  391. HAVE_KRB5_CC_GET_LIFETIME
  392. HAVE_KRB5_CONFIG_GET_BOOL_DEFAULT
  393. HAVE_KRB5_CREATE_CHECKSUM
  394. HAVE_KRB5_CRYPTO
  395. HAVE_KRB5_CRYPTO_DESTROY
  396. HAVE_KRB5_CRYPTO_INIT
  397. HAVE_KRB5_C_VERIFY_CHECKSUM
  398. HAVE_KRB5_DATA_COPY
  399. HAVE_KRB5_ENCTYPE_TO_STRING
  400. HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG
  401. HAVE_KRB5_FREE_ERROR_CONTENTS
  402. HAVE_KRB5_FREE_HOST_REALM
  403. HAVE_KRB5_FWD_TGT_CREDS
  404. HAVE_KRB5_GET_CREDS
  405. HAVE_KRB5_GET_CREDS_OPT_ALLOC
  406. HAVE_KRB5_GET_CREDS_OPT_SET_IMPERSONATE
  407. HAVE_KRB5_GET_DEFAULT_IN_TKT_ETYPES
  408. HAVE_KRB5_GET_HOST_REALM
  409. HAVE_KRB5_GET_INIT_CREDS_KEYBLOCK
  410. HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC
  411. HAVE_KRB5_GET_INIT_CREDS_OPT_FREE
  412. HAVE_KRB5_GET_INIT_CREDS_OPT_GET_ERROR
  413. HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PAC_REQUEST
  414. HAVE_KRB5_GET_PW_SALT
  415. HAVE_KRB5_GET_RENEWED_CREDS
  416. HAVE_KRB5_KEYBLOCK_INIT
  417. HAVE_KRB5_KEYBLOCK_KEYVALUE
  418. HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK
  419. HAVE_KRB5_KRBHST_GET_ADDRINFO
  420. HAVE_KRB5_KRBHST_INIT
  421. HAVE_KRB5_KT_COMPARE
  422. HAVE_KRB5_KT_FREE_ENTRY
  423. HAVE_KRB5_KU_OTHER_CKSUM
  424. HAVE_KRB5_MAKE_PRINCIPAL
  425. HAVE_KRB5_MK_REQ_EXTENDED
  426. HAVE_KRB5_PDU_NONE_DECL
  427. HAVE_KRB5_PRINCIPAL_COMPARE_ANY_REALM
  428. HAVE_KRB5_PRINCIPAL_GET_COMP_STRING
  429. HAVE_KRB5_PRINCIPAL_GET_NUM_COMP
  430. HAVE_KRB5_PRINCIPAL_GET_REALM
  431. HAVE_KRB5_PRINCIPAL_GET_TYPE
  432. HAVE_KRB5_PRINCIPAL_SET_REALM
  433. HAVE_KRB5_PRINCIPAL_SET_TYPE
  434. HAVE_KRB5_PROMPT_TYPE
  435. HAVE_KRB5_REALM_TYPE
  436. HAVE_KRB5_SET_DEFAULT_IN_TKT_ETYPES
  437. HAVE_KRB5_SET_REAL_TIME
  438. HAVE_KRB5_STRING_TO_KEY
  439. HAVE_KRB5_STRING_TO_KEY_SALT
  440. HAVE_KRB5_WARNX
  441. HAVE_KRB_STRUCT_WINSIZE
  442. HAVE_LARGEFILE
  443. HAVE_LCHOWN
  444. HAVE_LDWRAP
  445. HAVE_LIBCAP
  446. HAVE_LIBCRYPT
  447. HAVE_LIBCRYPTO
  448. HAVE_LIBKRB5
  449. HAVE_LIBNCURSES
  450. HAVE_LIBPOPT
  451. HAVE_LIBREADLINE
  452. HAVE_LIBREPLACE
  453. HAVE_LIBRESOLV
  454. HAVE_LIBTASN1
  455. HAVE_LIBURING
  456. HAVE_LIBZ
  457. HAVE_LINK
  458. HAVE_LINUX_FALLOCATE
  459. HAVE_LINUX_INOTIFY
  460. HAVE_LINUX_IOCTL
  461. HAVE_LINUX_READAHEAD
  462. HAVE_LINUX_SPLICE
  463. HAVE_LINUX_THREAD_CREDENTIALS
  464. HAVE_LITTLE_ENDIAN
  465. HAVE_LONGJMP
  466. HAVE_LONG_LONG
  467. HAVE_LSEEK_HOLE_DATA
  468. HAVE_LSTAT
  469. HAVE_LUTIMES
  470. HAVE_MAKEDEV
  471. HAVE_MEMALIGN
  472. HAVE_MEMCPY
  473. HAVE_MEMMEM
  474. HAVE_MEMMOVE
  475. HAVE_MEMSET
  476. HAVE_MKDIR_MODE
  477. HAVE_MKDTEMP
  478. HAVE_MKNOD
  479. HAVE_MKNODAT
  480. HAVE_MKTIME
  481. HAVE_MLOCK
  482. HAVE_MLOCKALL
  483. HAVE_MMAP
  484. HAVE_MREMAP
  485. HAVE_MUNLOCK
  486. HAVE_MUNLOCKALL
  487. HAVE_NATIVE_ICONV
  488. HAVE_NEW_LIBREADLINE
  489. HAVE_NFTW
  490. HAVE_OPENAT
  491. HAVE_OPENPTY
  492. HAVE_OPEN_O_DIRECT
  493. HAVE_PATHCONF
  494. HAVE_PEERCRED
  495. HAVE_PIPE
  496. HAVE_POLL
  497. HAVE_POPT
  498. HAVE_POPTGETCONTEXT
  499. HAVE_POSIX_CAPABILITIES
  500. HAVE_POSIX_FADVISE
  501. HAVE_POSIX_FALLOCATE
  502. HAVE_POSIX_MEMALIGN
  503. HAVE_POSIX_OPENPT
  504. HAVE_PRCTL
  505. HAVE_PREAD
  506. HAVE_PREAD_DECL
  507. HAVE_PRINTF
  508. HAVE_PROGRAM_INVOCATION_SHORT_NAME
  509. HAVE_PTHREAD
  510. HAVE_PTHREAD_ATTR_INIT
  511. HAVE_PTHREAD_CREATE
  512. HAVE_PTHREAD_MUTEXATTR_SETROBUST
  513. HAVE_PTHREAD_MUTEX_CONSISTENT
  514. HAVE_PTRDIFF_T
  515. HAVE_PUTENV
  516. HAVE_PWRITE
  517. HAVE_PWRITE_DECL
  518. HAVE_RAND
  519. HAVE_RANDOM
  520. HAVE_READAHEAD_DECL
  521. HAVE_READLINK
  522. HAVE_READV
  523. HAVE_REALPATH
  524. HAVE_RENAME
  525. HAVE_RES_SEARCH
  526. HAVE_RL_COMPLETION_MATCHES
  527. HAVE_ROBUST_MUTEXES
  528. HAVE_SA_FAMILY_T
  529. HAVE_SA_SIGINFO_DECL
  530. HAVE_SECURE_MKSTEMP
  531. HAVE_SELECT
  532. HAVE_SENDFILE
  533. HAVE_SENDMSG
  534. HAVE_SETBUFFER
  535. HAVE_SETEGID
  536. HAVE_SETENV
  537. HAVE_SETENV_DECL
  538. HAVE_SETEUID
  539. HAVE_SETGID
  540. HAVE_SETGROUPS
  541. HAVE_SETHOSTENT
  542. HAVE_SETITIMER
  543. HAVE_SETLINEBUF
  544. HAVE_SETLOCALE
  545. HAVE_SETMNTENT
  546. HAVE_SETPGID
  547. HAVE_SETREGID
  548. HAVE_SETRESGID
  549. HAVE_SETRESGID_DECL
  550. HAVE_SETRESUID
  551. HAVE_SETRESUID_DECL
  552. HAVE_SETREUID
  553. HAVE_SETSID
  554. HAVE_SETUID
  555. HAVE_SHARED_MMAP
  556. HAVE_SIGACTION
  557. HAVE_SIGLONGJMP
  558. HAVE_SIGPROCMASK
  559. HAVE_SIGSET
  560. HAVE_SIG_ATOMIC_T_TYPE
  561. HAVE_SIMPLE_C_PROG
  562. HAVE_SIZE_T
  563. HAVE_SNPRINTF
  564. HAVE_SOCKET
  565. HAVE_SOCKETPAIR
  566. HAVE_SOCKLEN_T
  567. HAVE_SPLICE_DECL
  568. HAVE_SRAND
  569. HAVE_SRANDOM
  570. HAVE_SSIZE_T
  571. HAVE_SS_FAMILY
  572. HAVE_STATFS_F_FSID
  573. HAVE_STATVFS
  574. HAVE_STATVFS_F_FLAG
  575. HAVE_STAT_HIRES_TIMESTAMPS
  576. HAVE_STAT_ST_BLKSIZE
  577. HAVE_STAT_ST_BLOCKS
  578. HAVE_STRCASECMP
  579. HAVE_STRCASESTR
  580. HAVE_STRCHR
  581. HAVE_STRCPY
  582. HAVE_STRDUP
  583. HAVE_STRERROR
  584. HAVE_STRERROR_R
  585. HAVE_STRFTIME
  586. HAVE_STRLCAT
  587. HAVE_STRLCPY
  588. HAVE_STRNCASECMP
  589. HAVE_STRNCPY
  590. HAVE_STRNDUP
  591. HAVE_STRNLEN
  592. HAVE_STRPBRK
  593. HAVE_STRPTIME
  594. HAVE_STRSEP
  595. HAVE_STRSIGNAL
  596. HAVE_STRTOK_R
  597. HAVE_STRTOL
  598. HAVE_STRTOLL
  599. HAVE_STRTOULL
  600. HAVE_STRUCT_ADDRINFO
  601. HAVE_STRUCT_IFADDRS
  602. HAVE_STRUCT_MSGHDR_MSG_CONTROL
  603. HAVE_STRUCT_SIGEVENT
  604. HAVE_STRUCT_SIGEVENT_SIGEV_VALUE_SIVAL_PTR
  605. HAVE_STRUCT_SOCKADDR
  606. HAVE_STRUCT_SOCKADDR_IN6
  607. HAVE_STRUCT_SOCKADDR_STORAGE
  608. HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC
  609. HAVE_STRUCT_STAT_ST_RDEV
  610. HAVE_STRUCT_TIMESPEC
  611. HAVE_STRUCT_WINSIZE
  612. HAVE_ST_RDEV
  613. HAVE_SWAB
  614. HAVE_SYMLINK
  615. HAVE_SYSCALL
  616. HAVE_SYSCONF
  617. HAVE_SYSLOG
  618. HAVE_TGETENT
  619. HAVE_TIMEGM
  620. HAVE_TIRPC
  621. HAVE_UCONTEXT_T
  622. HAVE_UINT16_T
  623. HAVE_UINT32_T
  624. HAVE_UINT64_T
  625. HAVE_UINT8_T
  626. HAVE_UINTPTR_T
  627. HAVE_UMASK
  628. HAVE_UNAME
  629. HAVE_UNIXSOCKET
  630. HAVE_UNSETENV
  631. HAVE_UNSHARE_CLONE_FS
  632. HAVE_URING
  633. HAVE_USLEEP
  634. HAVE_UTIMBUF
  635. HAVE_UTIME
  636. HAVE_UTIMENSAT
  637. HAVE_UTIMES
  638. HAVE_U_CHAR
  639. HAVE_U_INT32_T
  640. HAVE_VASPRINTF
  641. HAVE_VA_COPY
  642. HAVE_VDPRINTF
  643. HAVE_VISIBILITY_ATTR
  644. HAVE_VOLATILE
  645. HAVE_VSNPRINTF
  646. HAVE_VSYSLOG
  647. HAVE_WAIT4
  648. HAVE_WAITPID
  649. HAVE_WARN
  650. HAVE_WARNX
  651. HAVE_WNO_FORMAT_TRUNCATION
  652. HAVE_WNO_STRICT_OVERFLOW
  653. HAVE_WNO_UNUSED_FUNCTION
  654. HAVE_WRITEV
  655. HAVE_WS_XPIXEL
  656. HAVE_WS_YPIXEL
  657. HAVE_XATTR_SUPPORT
  658. HAVE_XATTR_XATTR
  659. HAVE_ZLIB
  660. HAVE__Bool
  661. HAVE__RES
  662. HAVE__VA_ARGS__MACRO
  663. HAVE___ATTRIBUTE__
  664. HAVE___SYNC_FETCH_AND_ADD
  665. HAVE___THREAD
  666. --with Options:
  667. WITH_PTHREADPOOL
  668. WITH_SYSLOG
  669. Build Options:
  670. BOOL_DEFINED
  671. BROKEN_NISPLUS_INCLUDE_FILES
  672. COMPILER_SUPPORTS_LL
  673. CONFIG_H_IS_FROM_SAMBA
  674. DEFAULT_DOS_CHARSET
  675. DEFAULT_UNIX_CHARSET
  676. GETCWD_TAKES_NULL
  677. INLINE_MACRO
  678. KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT
  679. KRB5_PRINC_REALM_RETURNS_REALM
  680. LIBREPLACE_NETWORK_CHECKS
  681. LINUX
  682. LINUX_SENDFILE_API
  683. REALPATH_TAKES_NULL
  684. RETSIGTYPE
  685. SAMBA4_USES_HEIMDAL
  686. SEEKDIR_RETURNS_VOID
  687. SHLIBEXT
  688. SIZEOF_BLKCNT_T_8
  689. SIZEOF_BOOL
  690. SIZEOF_CHAR
  691. SIZEOF_DEV_T
  692. SIZEOF_INO_T
  693. SIZEOF_INT
  694. SIZEOF_INT16_T
  695. SIZEOF_INT32_T
  696. SIZEOF_INT64_T
  697. SIZEOF_INT8_T
  698. SIZEOF_LONG
  699. SIZEOF_LONG_LONG
  700. SIZEOF_OFF_T
  701. SIZEOF_SHORT
  702. SIZEOF_SIZE_T
  703. SIZEOF_SSIZE_T
  704. SIZEOF_TIME_T
  705. SIZEOF_UINT16_T
  706. SIZEOF_UINT32_T
  707. SIZEOF_UINT64_T
  708. SIZEOF_UINT8_T
  709. SIZEOF_VOID_P
  710. SRCDIR
  711. STAT_STATVFS
  712. STAT_ST_BLOCKSIZE
  713. STDC_HEADERS
  714. STRERROR_R_XSI_NOT_GNU
  715. STRING_SHARED_MODULES
  716. STRING_STATIC_MODULES
  717. SUMMARY_PASSES
  718. SYSCONF_SC_NGROUPS_MAX
  719. SYSCONF_SC_NPROCESSORS_ONLN
  720. SYSCONF_SC_PAGESIZE
  721. SYSTEM_UNAME_MACHINE
  722. SYSTEM_UNAME_RELEASE
  723. SYSTEM_UNAME_SYSNAME
  724. SYSTEM_UNAME_VERSION
  725. TALLOC_BUILD_VERSION_MAJOR
  726. TALLOC_BUILD_VERSION_MINOR
  727. TALLOC_BUILD_VERSION_RELEASE
  728. TEVENT_NUM_SIGNALS
  729. TIME_WITH_SYS_TIME
  730. USE_COPY_FILE_RANGE
  731. USE_LINUX_32BIT_SYSCALLS
  732. USE_TDB_MUTEX_LOCKING
  733. USING_SYSTEM_ASN1_COMPILE
  734. USING_SYSTEM_COMPILE_ET
  735. USING_SYSTEM_POPT
  736. VALUEOF_GNUTLS_CIPHER_AES_128_CFB8
  737. VALUEOF_GNUTLS_MAC_AES_CMAC_128
  738. VALUEOF_NSIG
  739. VALUEOF_SIGRTMAX
  740. VALUEOF_SIGRTMIN
  741. VALUEOF__NSIG
  742. VOID_RETSIGTYPE
  743. WINEXE_LDFLAGS
  744. _GNU_SOURCE
  745. _HAVE_SENDFILE
  746. _POSIX_FALLOCATE_CAPABLE_LIBC
  747. _SAMBA_BUILD_
  748. _XOPEN_SOURCE_EXTENDED
  749. auth_script_init
  750. loff_t
  751. offset_t
  752. static_decl_auth
  753. static_decl_charset
  754. static_decl_gpext
  755. static_decl_idmap
  756. static_decl_nss_info
  757. static_decl_pdb
  758. static_decl_perfcount
  759. static_decl_rpc
  760. static_decl_vfs
  761. static_init_auth
  762. static_init_charset
  763. static_init_gpext
  764. static_init_idmap
  765. static_init_nss_info
  766. static_init_pdb
  767. static_init_perfcount
  768. static_init_rpc
  769. static_init_vfs
  770. uint_t
  771. vfs_io_uring_init
  772. Cluster support features:
  773. NONE
  774. Type sizes:
  775. sizeof(char): 1
  776. sizeof(int): 4
  777. sizeof(long): 4
  778. sizeof(long long): 8
  779. sizeof(uint8_t): 1
  780. sizeof(uint16_t): 2
  781. sizeof(uint32_t): 4
  782. sizeof(short): 2
  783. sizeof(void*): 4
  784. sizeof(size_t): 4
  785. sizeof(off_t): 8
  786. sizeof(ino_t): 8
  787. sizeof(dev_t): 8
  788. Builtin modules:
  789. vfs_default vfs_not_implemented auth_builtin auth_sam auth_unix pdb_smbpasswd pdb_tdbsam
  790. lp_load_ex: refreshing parameters
  791. Initialising global parameters
  792. rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
  793. INFO: Current debug levels:
  794. all: 10
  795. tdb: 10
  796. printdrivers: 10
  797. lanman: 10
  798. smb: 10
  799. rpc_parse: 10
  800. rpc_srv: 10
  801. rpc_cli: 10
  802. passdb: 10
  803. sam: 10
  804. auth: 10
  805. winbind: 10
  806. vfs: 10
  807. idmap: 10
  808. quota: 10
  809. acls: 10
  810. locking: 10
  811. msdfs: 10
  812. dmapi: 10
  813. registry: 10
  814. scavenger: 10
  815. dns: 10
  816. ldb: 10
  817. tevent: 10
  818. auth_audit: 10
  819. auth_json_audit: 10
  820. kerberos: 10
  821. drs_repl: 10
  822. smb2: 10
  823. smb2_credits: 10
  824. dsdb_audit: 10
  825. dsdb_json_audit: 10
  826. dsdb_password_audit: 10
  827. dsdb_password_json_audit: 10
  828. dsdb_transaction_audit: 10
  829. dsdb_transaction_json_audit: 10
  830. dsdb_group_audit: 10
  831. dsdb_group_json_audit: 10
  832. Processing section "[global]"
  833. doing parameter netbios name = zalupa
  834. doing parameter interfaces = br-lan
  835. doing parameter server string = SASAm
  836. doing parameter unix charset = UTF-8
  837. doing parameter workgroup = WORKGROUP
  838. doing parameter log level = 2
  839. doing parameter bind interfaces only = yes
  840. doing parameter deadtime = 15
  841. doing parameter enable core files = no
  842. doing parameter security = user
  843. doing parameter invalid users = root
  844. doing parameter map to guest = Bad User
  845. doing parameter null passwords = yes
  846. lpcfg_do_global_parameter: WARNING: The "null passwords" option is deprecated
  847. doing parameter passdb backend = smbpasswd
  848. doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY
  849. doing parameter load printers = No
  850. doing parameter printcap name = /dev/null
  851. doing parameter disable spoolss = yes
  852. doing parameter printing = bsd
  853. doing parameter mdns name = mdns
  854. doing parameter veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/
  855. doing parameter delete veto files = yes
  856. doing parameter disable netbios = yes
  857. doing parameter smb ports = 445
  858. pm_process() returned Yes
  859. lp_servicenumber: couldn't find homes
  860. messaging_dgm_ref: messaging_dgm_init returned No error information
  861. messaging_dgm_ref: unique = 6044760074668520570
  862. Registering messaging pointer for type 2 - private_data=0
  863. Registered MSG_REQ_POOL_USAGE
  864. Registering messaging pointer for type 11 - private_data=0
  865. Registering messaging pointer for type 12 - private_data=0
  866. Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
  867. Registering messaging pointer for type 1 - private_data=0
  868. Registering messaging pointer for type 5 - private_data=0
  869. Registering messaging pointer for type 51 - private_data=0
  870. messaging_init_internal: my id: 2812
  871. global_dcesrv_context: Initializing DCE/RPC server context
  872. INFO: Current debug levels:
  873. all: 10
  874. tdb: 10
  875. printdrivers: 10
  876. lanman: 10
  877. smb: 10
  878. rpc_parse: 10
  879. rpc_srv: 10
  880. rpc_cli: 10
  881. passdb: 10
  882. sam: 10
  883. auth: 10
  884. winbind: 10
  885. vfs: 10
  886. idmap: 10
  887. quota: 10
  888. acls: 10
  889. locking: 10
  890. msdfs: 10
  891. dmapi: 10
  892. registry: 10
  893. scavenger: 10
  894. dns: 10
  895. ldb: 10
  896. tevent: 10
  897. auth_audit: 10
  898. auth_json_audit: 10
  899. kerberos: 10
  900. drs_repl: 10
  901. smb2: 10
  902. smb2_credits: 10
  903. dsdb_audit: 10
  904. dsdb_json_audit: 10
  905. dsdb_password_audit: 10
  906. dsdb_password_json_audit: 10
  907. dsdb_transaction_audit: 10
  908. dsdb_transaction_json_audit: 10
  909. dsdb_group_audit: 10
  910. dsdb_group_json_audit: 10
  911. lp_load_ex: refreshing parameters
  912. Freeing parametrics:
  913. Initialising global parameters
  914. rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
  915. INFO: Current debug levels:
  916. all: 10
  917. tdb: 10
  918. printdrivers: 10
  919. lanman: 10
  920. smb: 10
  921. rpc_parse: 10
  922. rpc_srv: 10
  923. rpc_cli: 10
  924. passdb: 10
  925. sam: 10
  926. auth: 10
  927. winbind: 10
  928. vfs: 10
  929. idmap: 10
  930. quota: 10
  931. acls: 10
  932. locking: 10
  933. msdfs: 10
  934. dmapi: 10
  935. registry: 10
  936. scavenger: 10
  937. dns: 10
  938. ldb: 10
  939. tevent: 10
  940. auth_audit: 10
  941. auth_json_audit: 10
  942. kerberos: 10
  943. drs_repl: 10
  944. smb2: 10
  945. smb2_credits: 10
  946. dsdb_audit: 10
  947. dsdb_json_audit: 10
  948. dsdb_password_audit: 10
  949. dsdb_password_json_audit: 10
  950. dsdb_transaction_audit: 10
  951. dsdb_transaction_json_audit: 10
  952. dsdb_group_audit: 10
  953. dsdb_group_json_audit: 10
  954. Processing section "[global]"
  955. doing parameter netbios name = zalupa
  956. doing parameter interfaces = br-lan
  957. doing parameter server string = SASAm
  958. doing parameter unix charset = UTF-8
  959. doing parameter workgroup = WORKGROUP
  960. doing parameter log level = 2
  961. doing parameter bind interfaces only = yes
  962. doing parameter deadtime = 15
  963. doing parameter enable core files = no
  964. doing parameter security = user
  965. doing parameter invalid users = root
  966. doing parameter map to guest = Bad User
  967. doing parameter null passwords = yes
  968. lpcfg_do_global_parameter: WARNING: The "null passwords" option is deprecated
  969. doing parameter passdb backend = smbpasswd
  970. doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY
  971. doing parameter load printers = No
  972. doing parameter printcap name = /dev/null
  973. doing parameter disable spoolss = yes
  974. doing parameter printing = bsd
  975. doing parameter mdns name = mdns
  976. doing parameter veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/
  977. doing parameter delete veto files = yes
  978. doing parameter disable netbios = yes
  979. doing parameter smb ports = 445
  980. Processing section "[shr]"
  981. add_a_service: Creating snum = 0 for shr
  982. hash_a_service: creating servicehash
  983. hash_a_service: hashing index 0 for service name shr
  984. doing parameter path = /mnt/share/
  985. doing parameter create mask = 0666
  986. doing parameter directory mask = 0777
  987. doing parameter read only = no
  988. doing parameter guest ok = yes
  989. doing parameter vfs objects = io_uring
  990. pm_process() returned Yes
  991. lp_servicenumber: couldn't find homes
  992. add_a_service: Creating snum = 1 for IPC$
  993. hash_a_service: hashing index 1 for service name IPC$
  994. adding IPC service
  995. INFO: Current debug levels:
  996. all: 10
  997. tdb: 10
  998. printdrivers: 10
  999. lanman: 10
  1000. smb: 10
  1001. rpc_parse: 10
  1002. rpc_srv: 10
  1003. rpc_cli: 10
  1004. passdb: 10
  1005. sam: 10
  1006. auth: 10
  1007. winbind: 10
  1008. vfs: 10
  1009. idmap: 10
  1010. quota: 10
  1011. acls: 10
  1012. locking: 10
  1013. msdfs: 10
  1014. dmapi: 10
  1015. registry: 10
  1016. scavenger: 10
  1017. dns: 10
  1018. ldb: 10
  1019. tevent: 10
  1020. auth_audit: 10
  1021. auth_json_audit: 10
  1022. kerberos: 10
  1023. drs_repl: 10
  1024. smb2: 10
  1025. smb2_credits: 10
  1026. dsdb_audit: 10
  1027. dsdb_json_audit: 10
  1028. dsdb_password_audit: 10
  1029. dsdb_password_json_audit: 10
  1030. dsdb_transaction_audit: 10
  1031. dsdb_transaction_json_audit: 10
  1032. dsdb_group_audit: 10
  1033. dsdb_group_json_audit: 10
  1034. lp_file_list_changed()
  1035. file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Jun 17 06:07:48 2022
  1036. INFO: Current debug levels:
  1037. all: 10
  1038. tdb: 10
  1039. printdrivers: 10
  1040. lanman: 10
  1041. smb: 10
  1042. rpc_parse: 10
  1043. rpc_srv: 10
  1044. rpc_cli: 10
  1045. passdb: 10
  1046. sam: 10
  1047. auth: 10
  1048. winbind: 10
  1049. vfs: 10
  1050. idmap: 10
  1051. quota: 10
  1052. acls: 10
  1053. locking: 10
  1054. msdfs: 10
  1055. dmapi: 10
  1056. registry: 10
  1057. scavenger: 10
  1058. dns: 10
  1059. ldb: 10
  1060. tevent: 10
  1061. auth_audit: 10
  1062. auth_json_audit: 10
  1063. kerberos: 10
  1064. drs_repl: 10
  1065. smb2: 10
  1066. smb2_credits: 10
  1067. dsdb_audit: 10
  1068. dsdb_json_audit: 10
  1069. dsdb_password_audit: 10
  1070. dsdb_password_json_audit: 10
  1071. dsdb_transaction_audit: 10
  1072. dsdb_transaction_json_audit: 10
  1073. dsdb_group_audit: 10
  1074. dsdb_group_json_audit: 10
  1075. added interface br-lan ip=fd3f:ea31:1c91::1 bcast= netmask=ffff:ffff:ffff:fff0::
  1076. added interface br-lan ip=192.168.1.250 bcast=192.168.255.255 netmask=255.255.0.0
  1077. loaded services
  1078. Netbios name list:-
  1079. my_netbios_names[0]="ZALUPA"
  1080. INFO: Profiling support unavailable in this build.
  1081. Standard input is not a socket, assuming -D option
  1082. Becoming a daemon.
  1083. Process with PID=2781 does not exist.
  1084. msg_dgm_ref_destructor: refs=0
  1085. messaging_dgm_ref: messaging_dgm_init returned No error information
  1086. messaging_dgm_ref: unique = 14244736370929279451
  1087. Registered MSG_REQ_POOL_USAGE
  1088. Attempting to register passdb backend smbpasswd
  1089. Successfully added passdb backend 'smbpasswd'
  1090. Attempting to register passdb backend tdbsam
  1091. Successfully added passdb backend 'tdbsam'
  1092. Attempting to find a passdb backend to match smbpasswd (smbpasswd)
  1093. Found pdb backend smbpasswd
  1094. pdb backend smbpasswd has a valid init
  1095. dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_version_global.tdb
  1096. lock order: 1:/var/lock/smbXsrv_version_global.tdb 2:<none> 3:<none> 4:<none>
  1097. db_tdb_log_key: Locking key 736D62587372765F7665
  1098. db_tdb_fetch_locked_internal: Allocated locked data 0xb5e8edc0
  1099. db_tdb_log_key: Unlocking key 736D62587372765F7665
  1100. dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_version_global.tdb
  1101. smbXsrv_version_global_init
  1102. &global_blob: struct smbXsrv_version_globalB
  1103. version : SMBXSRV_VERSION_0 (0)
  1104. seqnum : 0x00000001 (1)
  1105. info : union smbXsrv_version_globalU(case 0)
  1106. info0 : *
  1107. info0: struct smbXsrv_version_global0
  1108. db_rec : NULL
  1109. num_nodes : 0x00000001 (1)
  1110. nodes: ARRAY(1)
  1111. nodes: struct smbXsrv_version_node0
  1112. server_id: struct server_id
  1113. pid : 0x0000000000000afc (2812)
  1114. task_id : 0x00000000 (0)
  1115. vnn : 0xffffffff (4294967295)
  1116. unique_id : 0xc5af7841ec53a1db (-4202007702780272165)
  1117. min_version : SMBXSRV_VERSION_0 (0)
  1118. max_version : SMBXSRV_VERSION_0 (0)
  1119. current_version : SMBXSRV_VERSION_0 (0)
  1120. pid_to_procid: messaging_dgm_get_unique failed: No such file or directory
  1121. msg_dgm_ref_destructor: refs=0
  1122. msg_dgm_ref_destructor: refs=0
  1123. messaging_dgm_ref: messaging_dgm_init returned No error information
  1124. messaging_dgm_ref: unique = 16364015521724381688
  1125. Registered MSG_REQ_POOL_USAGE
  1126. Attempting to find a passdb backend to match smbpasswd (smbpasswd)
  1127. Found pdb backend smbpasswd
  1128. pdb backend smbpasswd has a valid init
  1129. Registering messaging pointer for type 13 - private_data=0xb546dc80
  1130. Registering messaging pointer for type 788 - private_data=0xb546dc80
  1131. cleanupd_init: Started cleanupd pid=2815
  1132. Registering messaging pointer for type 789 - private_data=0xb5780d90
  1133. regdb_init: registry db openend. refcount reset (1)
  1134. reghook_cache_init: new tree with default ops 0xb6c0524c for key []
  1135. regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports]
  1136. regdb_unpack_values: value[0]: name[Samba Printer Port] len[2]
  1137. regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers]
  1138. regdb_unpack_values: value[0]: name[DefaultSpoolDirectory] len[70]
  1139. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
  1140. messaging_dgm_ref: messaging_dgm_init returned No error information
  1141. messaging_dgm_ref: unique = 7465991384329138126
  1142. Registered MSG_REQ_POOL_USAGE
  1143. Attempting to find a passdb backend to match smbpasswd (smbpasswd)
  1144. Found pdb backend smbpasswd
  1145. pdb backend smbpasswd has a valid init
  1146. INFO: Current debug levels:
  1147. all: 10
  1148. tdb: 10
  1149. printdrivers: 10
  1150. lanman: 10
  1151. smb: 10
  1152. rpc_parse: 10
  1153. rpc_srv: 10
  1154. rpc_cli: 10
  1155. passdb: 10
  1156. sam: 10
  1157. auth: 10
  1158. winbind: 10
  1159. vfs: 10
  1160. idmap: 10
  1161. quota: 10
  1162. acls: 10
  1163. locking: 10
  1164. msdfs: 10
  1165. dmapi: 10
  1166. registry: 10
  1167. scavenger: 10
  1168. dns: 10
  1169. ldb: 10
  1170. tevent: 10
  1171. auth_audit: 10
  1172. auth_json_audit: 10
  1173. kerberos: 10
  1174. drs_repl: 10
  1175. smb2: 10
  1176. smb2_credits: 10
  1177. dsdb_audit: 10
  1178. dsdb_json_audit: 10
  1179. dsdb_password_audit: 10
  1180. dsdb_password_json_audit: 10
  1181. dsdb_transaction_audit: 10
  1182. dsdb_transaction_json_audit: 10
  1183. dsdb_group_audit: 10
  1184. dsdb_group_json_audit: 10
  1185. Registering messaging pointer for type 794 - private_data=0xb546dd60
  1186. Registering messaging pointer for type 795 - private_data=0xb546dd60
  1187. Registering messaging pointer for type 796 - private_data=0xb546dd60
  1188. messaging_dgm_send: Sending message to 2812
  1189. regdb_unpack_values: value[0]: name[DisplayName] len[20]
  1190. regdb_unpack_values: value[1]: name[ErrorControl] len[4]
  1191. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
  1192. regdb_unpack_values: value[0]: name[DisplayName] len[20]
  1193. regdb_unpack_values: value[1]: name[ErrorControl] len[4]
  1194. reghook_cache_add: Adding ops 0xb6f34240 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers]
  1195. pathtree_add: Enter
  1196. pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] to tree
  1197. pathtree_add: Exit
  1198. reghook_cache_add: Adding ops 0xb6c0524c for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers]
  1199. pathtree_add: Enter
  1200. pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] to tree
  1201. pathtree_add: Exit
  1202. reghook_cache_add: Adding ops 0xb6c0524c for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports]
  1203. pathtree_add: Enter
  1204. pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] to tree
  1205. pathtree_add: Exit
  1206. reghook_cache_add: Adding ops 0xb6c0524c for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\PackageInstallation]
  1207. pathtree_add: Enter
  1208. pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\PackageInstallation] to tree
  1209. pathtree_add: Exit
  1210. reghook_cache_add: Adding ops 0xb6f3426c for key [\HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares]
  1211. pathtree_add: Enter
  1212. pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] to tree
  1213. pathtree_add: Exit
  1214. reghook_cache_add: Adding ops 0xb6c051d0 for key [\HKLM\SOFTWARE\Samba\smbconf]
  1215. pathtree_add: Enter
  1216. pathtree_add: Successfully added node [HKLM\SOFTWARE\Samba\smbconf] to tree
  1217. pathtree_add: Exit
  1218. reghook_cache_add: Adding ops 0xb6f34298 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
  1219. pathtree_add: Enter
  1220. pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] to tree
  1221. pathtree_add: Exit
  1222. reghook_cache_add: Adding ops 0xb6f342c4 for key [\HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions]
  1223. pathtree_add: Enter
  1224. pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] to tree
  1225. pathtree_add: Exit
  1226. reghook_cache_add: Adding ops 0xb6f342f0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
  1227. pathtree_add: Enter
  1228. pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] to tree
  1229. pathtree_add: Exit
  1230. reghook_cache_add: Adding ops 0xb6f3431c for key [\HKPT]
  1231. pathtree_add: Enter
  1232. pathtree_add: Successfully added node [HKPT] to tree
  1233. pathtree_add: Exit
  1234. reghook_cache_add: Adding ops 0xb6f34348 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
  1235. pathtree_add: Enter
  1236. pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] to tree
  1237. pathtree_add: Exit
  1238. reghook_cache_add: Adding ops 0xb6f34374 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib]
  1239. pathtree_add: Enter
  1240. pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] to tree
  1241. pathtree_add: Exit
  1242. regdb_close: decrementing refcount (1->0)
  1243. Could not convert SID S-1-5-18 to gid, ignoring it
  1244. Security token SIDs (1):
  1245. SID[ 0]: S-1-5-18
  1246. Privileges (0xFFFFFFFFFFFFFFFF):
  1247. Privilege[ 0]: SeMachineAccountPrivilege
  1248. Privilege[ 1]: SeTakeOwnershipPrivilege
  1249. Privilege[ 2]: SeBackupPrivilege
  1250. Privilege[ 3]: SeRestorePrivilege
  1251. Privilege[ 4]: SeRemoteShutdownPrivilege
  1252. Privilege[ 5]: SePrintOperatorPrivilege
  1253. Privilege[ 6]: SeAddUsersPrivilege
  1254. Privilege[ 7]: SeDiskOperatorPrivilege
  1255. Privilege[ 8]: SeSecurityPrivilege
  1256. Privilege[ 9]: SeSystemtimePrivilege
  1257. Privilege[ 10]: SeShutdownPrivilege
  1258. Privilege[ 11]: SeDebugPrivilege
  1259. Privilege[ 12]: SeSystemEnvironmentPrivilege
  1260. Privilege[ 13]: SeSystemProfilePrivilege
  1261. Privilege[ 14]: SeProfileSingleProcessPrivilege
  1262. Privilege[ 15]: SeIncreaseBasePriorityPrivilege
  1263. Privilege[ 16]: SeLoadDriverPrivilege
  1264. Privilege[ 17]: SeCreatePagefilePrivilege
  1265. Privilege[ 18]: SeIncreaseQuotaPrivilege
  1266. Privilege[ 19]: SeChangeNotifyPrivilege
  1267. Privilege[ 20]: SeUndockPrivilege
  1268. Privilege[ 21]: SeManageVolumePrivilege
  1269. Privilege[ 22]: SeImpersonatePrivilege
  1270. Privilege[ 23]: SeCreateGlobalPrivilege
  1271. Privilege[ 24]: SeEnableDelegationPrivilege
  1272. Rights (0x 0):
  1273. UNIX token of user 0
  1274. Primary group is 0 and contains 1 supplementary groups
  1275. Group[ 0]: 0
  1276. Finding user nobody
  1277. Trying _Get_Pwnam(), username as lowercase is nobody
  1278. Get_Pwnam_internals did find user [nobody]!
  1279. Finding user nobody
  1280. Trying _Get_Pwnam(), username as lowercase is nobody
  1281. Get_Pwnam_internals did find user [nobody]!
  1282. Create local NT token for nobody
  1283. Finding user nobody
  1284. Trying _Get_Pwnam(), username as lowercase is nobody
  1285. Get_Pwnam_internals did find user [nobody]!
  1286. sys_getgrouplist: user [nobody]
  1287. Opening cache file at /var/lock/gencache.tdb
  1288. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1289. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1290. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1291. Security token: (NULL)
  1292. UNIX token of user 0
  1293. Primary group is 0 and contains 0 supplementary groups
  1294. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1295. xid_to_sid: GID 65534 -> S-1-22-2-65534 fallback
  1296. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1297. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1298. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1299. Security token: (NULL)
  1300. UNIX token of user 0
  1301. Primary group is 0 and contains 0 supplementary groups
  1302. Failed to fetch domain sid for WORKGROUP
  1303. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1304. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1305. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1306. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1307. Security token: (NULL)
  1308. UNIX token of user 0
  1309. Primary group is 0 and contains 0 supplementary groups
  1310. Could not find map for sid S-1-5-32-544
  1311. create_builtin_administrators: Failed to create Administrators
  1312. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1313. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1314. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1315. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1316. Security token: (NULL)
  1317. UNIX token of user 0
  1318. Primary group is 0 and contains 0 supplementary groups
  1319. Could not find map for sid S-1-5-32-545
  1320. create_builtin_users: Failed to create Users
  1321. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1322. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1323. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1324. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1325. Security token: (NULL)
  1326. UNIX token of user 0
  1327. Primary group is 0 and contains 0 supplementary groups
  1328. Could not find map for sid S-1-5-32-546
  1329. create_builtin_guests: Failed to create Guests
  1330. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1331. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1332. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1333. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1334. Security token: (NULL)
  1335. UNIX token of user 0
  1336. Primary group is 0 and contains 0 supplementary groups
  1337. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1338. get_privileges: No privileges assigned to SID [S-1-5-21-3939785350-4027435424-1589595352-501]
  1339. get_privileges: No privileges assigned to SID [S-1-5-21-3939785350-4027435424-1589595352-514]
  1340. get_privileges: No privileges assigned to SID [S-1-22-2-65534]
  1341. get_privileges_for_sids: sid = S-1-1-0
  1342. Privilege set: 0x0
  1343. get_privileges: No privileges assigned to SID [S-1-5-2]
  1344. get_privileges: No privileges assigned to SID [S-1-5-32-546]
  1345. Parsing value for key [IDMAP/SID2XID/S-1-5-21-3939785350-4027435424-1589595352-501]: value=[65534:U]
  1346. Parsing value for key [IDMAP/SID2XID/S-1-5-21-3939785350-4027435424-1589595352-501]: id=[65534], endptr=[:U]
  1347. wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE
  1348. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1349. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1350. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1351. Security token: (NULL)
  1352. UNIX token of user 0
  1353. Primary group is 0 and contains 0 supplementary groups
  1354. lookup_global_sam_rid: looking up RID 514.
  1355. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  1356. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  1357. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  1358. Security token: (NULL)
  1359. UNIX token of user 0
  1360. Primary group is 0 and contains 0 supplementary groups
  1361. smbpasswd_getsampwrid: search by sid: S-1-5-21-3939785350-4027435424-1589595352-514
  1362. startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
  1363. getsmbfilepwent: skipping comment or blank line
  1364. getsmbfilepwent: LM password for user nobody invalidated
  1365. getsmbfilepwent: returning passwd entry for user nobody, uid 0
  1366. getsmbfilepwent: LM password for user useruser invalidated
  1367. getsmbfilepwent: returning passwd entry for user useruser, uid 65533
  1368. getsmbfilepwent: end of file reached.
  1369. endsmbfilepwent_internal: closed password file.
  1370. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  1371. Can't find a unix id for an unmapped group
  1372. SID S-1-5-21-3939785350-4027435424-1589595352-514 belongs to our domain, but there is no corresponding object in the database.
  1373. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1374. LEGACY: mapping failed for sid S-1-5-21-3939785350-4027435424-1589595352-514
  1375. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1376. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1377. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1378. Security token: (NULL)
  1379. UNIX token of user 0
  1380. Primary group is 0 and contains 0 supplementary groups
  1381. lookup_global_sam_rid: looking up RID 514.
  1382. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  1383. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  1384. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  1385. Security token: (NULL)
  1386. UNIX token of user 0
  1387. Primary group is 0 and contains 0 supplementary groups
  1388. smbpasswd_getsampwrid: search by sid: S-1-5-21-3939785350-4027435424-1589595352-514
  1389. startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
  1390. getsmbfilepwent: skipping comment or blank line
  1391. getsmbfilepwent: LM password for user nobody invalidated
  1392. getsmbfilepwent: returning passwd entry for user nobody, uid 0
  1393. getsmbfilepwent: LM password for user useruser invalidated
  1394. getsmbfilepwent: returning passwd entry for user useruser, uid 65533
  1395. getsmbfilepwent: end of file reached.
  1396. endsmbfilepwent_internal: closed password file.
  1397. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  1398. Can't find a unix id for an unmapped group
  1399. SID S-1-5-21-3939785350-4027435424-1589595352-514 belongs to our domain, but there is no corresponding object in the database.
  1400. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1401. LEGACY: mapping failed for sid S-1-5-21-3939785350-4027435424-1589595352-514
  1402. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1403. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1404. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1405. Security token: (NULL)
  1406. UNIX token of user 0
  1407. Primary group is 0 and contains 0 supplementary groups
  1408. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1409. LEGACY: mapping failed for sid S-1-1-0
  1410. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1411. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1412. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1413. Security token: (NULL)
  1414. UNIX token of user 0
  1415. Primary group is 0 and contains 0 supplementary groups
  1416. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1417. LEGACY: mapping failed for sid S-1-1-0
  1418. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1419. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1420. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1421. Security token: (NULL)
  1422. UNIX token of user 0
  1423. Primary group is 0 and contains 0 supplementary groups
  1424. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1425. LEGACY: mapping failed for sid S-1-5-2
  1426. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1427. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1428. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1429. Security token: (NULL)
  1430. UNIX token of user 0
  1431. Primary group is 0 and contains 0 supplementary groups
  1432. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1433. LEGACY: mapping failed for sid S-1-5-2
  1434. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1435. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1436. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1437. Security token: (NULL)
  1438. UNIX token of user 0
  1439. Primary group is 0 and contains 0 supplementary groups
  1440. Could not find map for sid S-1-5-32-546
  1441. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1442. LEGACY: mapping failed for sid S-1-5-32-546
  1443. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1444. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1445. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1446. Security token: (NULL)
  1447. UNIX token of user 0
  1448. Primary group is 0 and contains 0 supplementary groups
  1449. Could not find map for sid S-1-5-32-546
  1450. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1451. LEGACY: mapping failed for sid S-1-5-32-546
  1452. Could not convert SID S-1-5-21-3939785350-4027435424-1589595352-514 to gid, ignoring it
  1453. Could not convert SID S-1-1-0 to gid, ignoring it
  1454. Could not convert SID S-1-5-2 to gid, ignoring it
  1455. Could not convert SID S-1-5-32-546 to gid, ignoring it
  1456. Security token SIDs (7):
  1457. SID[ 0]: S-1-5-21-3939785350-4027435424-1589595352-501
  1458. SID[ 1]: S-1-5-21-3939785350-4027435424-1589595352-514
  1459. SID[ 2]: S-1-22-2-65534
  1460. SID[ 3]: S-1-1-0
  1461. SID[ 4]: S-1-5-2
  1462. SID[ 5]: S-1-5-32-546
  1463. SID[ 6]: S-1-22-1-65534
  1464. Privileges (0x 0):
  1465. Rights (0x 0):
  1466. UNIX token of user 65534
  1467. Primary group is 65534 and contains 1 supplementary groups
  1468. Group[ 0]: 65534
  1469. Finding user nobody
  1470. Trying _Get_Pwnam(), username as lowercase is nobody
  1471. Get_Pwnam_internals did find user [nobody]!
  1472. wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE
  1473. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1474. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1475. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1476. Security token: (NULL)
  1477. UNIX token of user 0
  1478. Primary group is 0 and contains 0 supplementary groups
  1479. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1480. LEGACY: mapping failed for sid S-1-5-7
  1481. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1482. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1483. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1484. Security token: (NULL)
  1485. UNIX token of user 0
  1486. Primary group is 0 and contains 0 supplementary groups
  1487. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1488. LEGACY: mapping failed for sid S-1-5-7
  1489. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1490. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1491. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1492. Security token: (NULL)
  1493. UNIX token of user 0
  1494. Primary group is 0 and contains 0 supplementary groups
  1495. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1496. LEGACY: mapping failed for sid S-1-1-0
  1497. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1498. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1499. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1500. Security token: (NULL)
  1501. UNIX token of user 0
  1502. Primary group is 0 and contains 0 supplementary groups
  1503. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1504. LEGACY: mapping failed for sid S-1-1-0
  1505. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1506. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1507. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1508. Security token: (NULL)
  1509. UNIX token of user 0
  1510. Primary group is 0 and contains 0 supplementary groups
  1511. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1512. LEGACY: mapping failed for sid S-1-5-2
  1513. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1514. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1515. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1516. Security token: (NULL)
  1517. UNIX token of user 0
  1518. Primary group is 0 and contains 0 supplementary groups
  1519. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1520. LEGACY: mapping failed for sid S-1-5-2
  1521. Could not convert SID S-1-5-7 to gid, ignoring it
  1522. Could not convert SID S-1-1-0 to gid, ignoring it
  1523. Could not convert SID S-1-5-2 to gid, ignoring it
  1524. sys_getgrouplist: user [nobody]
  1525. Security token SIDs (5):
  1526. SID[ 0]: S-1-5-7
  1527. SID[ 1]: S-1-1-0
  1528. SID[ 2]: S-1-5-2
  1529. SID[ 3]: S-1-22-1-65534
  1530. SID[ 4]: S-1-22-2-65534
  1531. Privileges (0x 0):
  1532. Rights (0x 0):
  1533. UNIX token of user 65534
  1534. Primary group is 65534 and contains 1 supplementary groups
  1535. Group[ 0]: 65534
  1536. dcesrv_init: Registering DCE/RPC endpoint servers
  1537. DCERPC endpoint server 'winreg' registered
  1538. DCERPC endpoint server 'srvsvc' registered
  1539. DCERPC endpoint server 'lsarpc' registered
  1540. DCERPC endpoint server 'samr' registered
  1541. DCERPC endpoint server 'netdfs' registered
  1542. DCERPC endpoint server 'dssetup' registered
  1543. DCERPC endpoint server 'wkssvc' registered
  1544. DCERPC endpoint server 'svcctl' registered
  1545. DCERPC endpoint server 'ntsvcs' registered
  1546. DCERPC endpoint server 'eventlog' registered
  1547. DCERPC endpoint server 'initshutdown' registered
  1548. dcesrv_init: Initializing DCE/RPC modules
  1549. dcesrv_init: Initializing DCE/RPC registered endpoint servers
  1550. dcesrv_interface_register: Interface 'winreg' registered on endpoint 'ncacn_np:[\pipe\winreg]' (single process required)
  1551. winreg__check_register_in_endpoint: Interface 'winreg' not registered in endpoint 'winreg' as service is embedded
  1552. dcesrv_interface_register: Interface 'winreg' registered on endpoint 'ncalrpc:' (single process required)
  1553. dcesrv_interface_register: Interface 'srvsvc' registered on endpoint 'ncacn_np:[\pipe\srvsvc]' (single process required)
  1554. srvsvc__check_register_in_endpoint: Interface 'srvsvc' not registered in endpoint 'srvsvc' as service is embedded
  1555. dcesrv_interface_register: Interface 'srvsvc' registered on endpoint 'ncalrpc:' (single process required)
  1556. dcesrv_interface_register: Interface 'lsarpc' registered on endpoint 'ncacn_np:[\pipe\netlogon]' (single process required)
  1557. dcesrv_interface_register: Interface 'lsarpc' registered on endpoint 'ncacn_np:[\pipe\lsarpc]' (single process required)
  1558. dcesrv_interface_register: Interface 'lsarpc' registered on endpoint 'ncacn_np:[\pipe\lsass]' (single process required)
  1559. lsarpc__check_register_in_endpoint: Interface 'lsarpc' not registered in endpoint 'lsarpc' as service is embedded
  1560. dcesrv_interface_register: Interface 'lsarpc' registered on endpoint 'ncalrpc:' (single process required)
  1561. dcesrv_interface_register: Interface 'samr' registered on endpoint 'ncacn_np:[\pipe\samr]' (single process required)
  1562. samr__check_register_in_endpoint: Interface 'samr' not registered in endpoint 'samr' as service is embedded
  1563. dcesrv_interface_register: Interface 'samr' registered on endpoint 'ncalrpc:' (single process required)
  1564. dcesrv_interface_register: Interface 'netdfs' registered on endpoint 'ncacn_np:[\pipe\netdfs]' (single process required)
  1565. netdfs__check_register_in_endpoint: Interface 'netdfs' not registered in endpoint 'netdfs' as service is embedded
  1566. dcesrv_interface_register: Interface 'netdfs' registered on endpoint 'ncalrpc:' (single process required)
  1567. dcesrv_interface_register: Interface 'dssetup' registered on endpoint 'ncacn_np:[\pipe\lsarpc]' (single process required)
  1568. dcesrv_interface_register: Interface 'dssetup' registered on endpoint 'ncacn_np:[\pipe\lsass]' (single process required)
  1569. dssetup__check_register_in_endpoint: Interface 'dssetup' not registered in endpoint 'dssetup' as service is embedded
  1570. dcesrv_interface_register: Interface 'dssetup' registered on endpoint 'ncalrpc:' (single process required)
  1571. dcesrv_interface_register: Interface 'wkssvc' registered on endpoint 'ncacn_np:[\pipe\wkssvc]' (single process required)
  1572. wkssvc__check_register_in_endpoint: Interface 'wkssvc' not registered in endpoint 'wkssvc' as service is embedded
  1573. dcesrv_interface_register: Interface 'wkssvc' registered on endpoint 'ncalrpc:' (single process required)
  1574. Initialise the svcctl registry keys if needed.
  1575. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  1576. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  1577. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  1578. Security token: (NULL)
  1579. UNIX token of user 0
  1580. Primary group is 0 and contains 0 supplementary groups
  1581. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  1582. regdb_open: registry db opened. refcount reset (1)
  1583. make_internal_ncacn_conn: Create pipe requested winreg
  1584. Created internal pipe winreg
  1585. winreg_OpenHKLM: struct winreg_OpenHKLM
  1586. in: struct winreg_OpenHKLM
  1587. system_name : NULL
  1588. access_mask : 0x02000000 (33554432)
  1589. 0: KEY_QUERY_VALUE
  1590. 0: KEY_SET_VALUE
  1591. 0: KEY_CREATE_SUB_KEY
  1592. 0: KEY_ENUMERATE_SUB_KEYS
  1593. 0: KEY_NOTIFY
  1594. 0: KEY_CREATE_LINK
  1595. 0: KEY_WOW64_64KEY
  1596. 0: KEY_WOW64_32KEY
  1597. regkey_open_onelevel: name = [HKLM]
  1598. regdb_open: incrementing refcount (1->2)
  1599. reghook_cache_find: Searching for keyname [\HKLM]
  1600. pathtree_find: Enter [\HKLM]
  1601. pathtree_find: Exit
  1602. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM]
  1603. winreg_OpenHKLM: struct winreg_OpenHKLM
  1604. out: struct winreg_OpenHKLM
  1605. handle : *
  1606. handle: struct policy_handle
  1607. handle_type : 0x00000001 (1)
  1608. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  1609. result : WERR_OK
  1610. winreg_OpenKey: struct winreg_OpenKey
  1611. in: struct winreg_OpenKey
  1612. parent_handle : *
  1613. parent_handle: struct policy_handle
  1614. handle_type : 0x00000001 (1)
  1615. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  1616. keyname: struct winreg_String
  1617. name_len : 0x0044 (68)
  1618. name_size : 0x0044 (68)
  1619. name : *
  1620. name : 'SYSTEM\CurrentControlSet\Services'
  1621. options : 0x00000000 (0)
  1622. 0: REG_OPTION_VOLATILE
  1623. 0: REG_OPTION_CREATE_LINK
  1624. 0: REG_OPTION_BACKUP_RESTORE
  1625. 0: REG_OPTION_OPEN_LINK
  1626. access_mask : 0x02000000 (33554432)
  1627. 0: KEY_QUERY_VALUE
  1628. 0: KEY_SET_VALUE
  1629. 0: KEY_CREATE_SUB_KEY
  1630. 0: KEY_ENUMERATE_SUB_KEYS
  1631. 0: KEY_NOTIFY
  1632. 0: KEY_CREATE_LINK
  1633. 0: KEY_WOW64_64KEY
  1634. 0: KEY_WOW64_32KEY
  1635. regkey_open_onelevel: name = [SYSTEM]
  1636. regdb_open: incrementing refcount (2->3)
  1637. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  1638. pathtree_find: Enter [\HKLM\SYSTEM]
  1639. pathtree_find: Exit
  1640. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  1641. regkey_open_onelevel: name = [CurrentControlSet]
  1642. regdb_open: incrementing refcount (3->4)
  1643. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  1644. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  1645. pathtree_find: Exit
  1646. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  1647. regkey_open_onelevel: name = [Services]
  1648. regdb_open: incrementing refcount (4->5)
  1649. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  1650. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  1651. pathtree_find: Exit
  1652. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  1653. regdb_close: decrementing refcount (5->4)
  1654. regdb_close: decrementing refcount (4->3)
  1655. winreg_OpenKey: struct winreg_OpenKey
  1656. out: struct winreg_OpenKey
  1657. handle : *
  1658. handle: struct policy_handle
  1659. handle_type : 0x00000001 (1)
  1660. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  1661. result : WERR_OK
  1662. winreg_QueryInfoKey: struct winreg_QueryInfoKey
  1663. in: struct winreg_QueryInfoKey
  1664. handle : *
  1665. handle: struct policy_handle
  1666. handle_type : 0x00000001 (1)
  1667. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  1668. classname : *
  1669. classname: struct winreg_String
  1670. name_len : 0x0000 (0)
  1671. name_size : 0x0000 (0)
  1672. name : NULL
  1673. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services' (ops 0xb6c0524c)
  1674. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services]
  1675. regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services]
  1676. winreg_QueryInfoKey: struct winreg_QueryInfoKey
  1677. out: struct winreg_QueryInfoKey
  1678. classname : *
  1679. classname: struct winreg_String
  1680. name_len : 0x0000 (0)
  1681. name_size : 0x0000 (0)
  1682. name : NULL
  1683. num_subkeys : *
  1684. num_subkeys : 0x00000007 (7)
  1685. max_subkeylen : *
  1686. max_subkeylen : 0x0000001c (28)
  1687. max_classlen : *
  1688. max_classlen : 0x00000000 (0)
  1689. num_values : *
  1690. num_values : 0x00000000 (0)
  1691. max_valnamelen : *
  1692. max_valnamelen : 0x00000002 (2)
  1693. max_valbufsize : *
  1694. max_valbufsize : 0x00000000 (0)
  1695. secdescsize : *
  1696. secdescsize : 0x00000078 (120)
  1697. last_changed_time : *
  1698. last_changed_time : NTTIME(0)
  1699. result : WERR_OK
  1700. winreg_EnumKey: struct winreg_EnumKey
  1701. in: struct winreg_EnumKey
  1702. handle : *
  1703. handle: struct policy_handle
  1704. handle_type : 0x00000001 (1)
  1705. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  1706. enum_index : 0x00000000 (0)
  1707. name : *
  1708. name: struct winreg_StringBuf
  1709. length : 0x0000 (0)
  1710. size : 0x001e (30)
  1711. name : *
  1712. name : ''
  1713. keyclass : *
  1714. keyclass: struct winreg_StringBuf
  1715. length : 0x0000 (0)
  1716. size : 0x0002 (2)
  1717. name : *
  1718. name : ''
  1719. last_changed_time : *
  1720. last_changed_time : NTTIME(0)
  1721. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
  1722. winreg_EnumKey: struct winreg_EnumKey
  1723. out: struct winreg_EnumKey
  1724. name : *
  1725. name: struct winreg_StringBuf
  1726. length : 0x001a (26)
  1727. size : 0x001e (30)
  1728. name : *
  1729. name : 'LanmanServer'
  1730. keyclass : *
  1731. keyclass: struct winreg_StringBuf
  1732. length : 0x0000 (0)
  1733. size : 0x0002 (2)
  1734. name : *
  1735. name : ''
  1736. last_changed_time : *
  1737. last_changed_time : NTTIME(0)
  1738. result : WERR_OK
  1739. winreg_EnumKey: struct winreg_EnumKey
  1740. in: struct winreg_EnumKey
  1741. handle : *
  1742. handle: struct policy_handle
  1743. handle_type : 0x00000001 (1)
  1744. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  1745. enum_index : 0x00000001 (1)
  1746. name : *
  1747. name: struct winreg_StringBuf
  1748. length : 0x0000 (0)
  1749. size : 0x001e (30)
  1750. name : *
  1751. name : ''
  1752. keyclass : *
  1753. keyclass: struct winreg_StringBuf
  1754. length : 0x0000 (0)
  1755. size : 0x0002 (2)
  1756. name : *
  1757. name : ''
  1758. last_changed_time : *
  1759. last_changed_time : NTTIME(0)
  1760. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
  1761. winreg_EnumKey: struct winreg_EnumKey
  1762. out: struct winreg_EnumKey
  1763. name : *
  1764. name: struct winreg_StringBuf
  1765. length : 0x0012 (18)
  1766. size : 0x001e (30)
  1767. name : *
  1768. name : 'Eventlog'
  1769. keyclass : *
  1770. keyclass: struct winreg_StringBuf
  1771. length : 0x0000 (0)
  1772. size : 0x0002 (2)
  1773. name : *
  1774. name : ''
  1775. last_changed_time : *
  1776. last_changed_time : NTTIME(0)
  1777. result : WERR_OK
  1778. winreg_EnumKey: struct winreg_EnumKey
  1779. in: struct winreg_EnumKey
  1780. handle : *
  1781. handle: struct policy_handle
  1782. handle_type : 0x00000001 (1)
  1783. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  1784. enum_index : 0x00000002 (2)
  1785. name : *
  1786. name: struct winreg_StringBuf
  1787. length : 0x0000 (0)
  1788. size : 0x001e (30)
  1789. name : *
  1790. name : ''
  1791. keyclass : *
  1792. keyclass: struct winreg_StringBuf
  1793. length : 0x0000 (0)
  1794. size : 0x0002 (2)
  1795. name : *
  1796. name : ''
  1797. last_changed_time : *
  1798. last_changed_time : NTTIME(0)
  1799. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
  1800. winreg_EnumKey: struct winreg_EnumKey
  1801. out: struct winreg_EnumKey
  1802. name : *
  1803. name: struct winreg_StringBuf
  1804. length : 0x000c (12)
  1805. size : 0x001e (30)
  1806. name : *
  1807. name : 'Tcpip'
  1808. keyclass : *
  1809. keyclass: struct winreg_StringBuf
  1810. length : 0x0000 (0)
  1811. size : 0x0002 (2)
  1812. name : *
  1813. name : ''
  1814. last_changed_time : *
  1815. last_changed_time : NTTIME(0)
  1816. result : WERR_OK
  1817. winreg_EnumKey: struct winreg_EnumKey
  1818. in: struct winreg_EnumKey
  1819. handle : *
  1820. handle: struct policy_handle
  1821. handle_type : 0x00000001 (1)
  1822. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  1823. enum_index : 0x00000003 (3)
  1824. name : *
  1825. name: struct winreg_StringBuf
  1826. length : 0x0000 (0)
  1827. size : 0x001e (30)
  1828. name : *
  1829. name : ''
  1830. keyclass : *
  1831. keyclass: struct winreg_StringBuf
  1832. length : 0x0000 (0)
  1833. size : 0x0002 (2)
  1834. name : *
  1835. name : ''
  1836. last_changed_time : *
  1837. last_changed_time : NTTIME(0)
  1838. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
  1839. winreg_EnumKey: struct winreg_EnumKey
  1840. out: struct winreg_EnumKey
  1841. name : *
  1842. name: struct winreg_StringBuf
  1843. length : 0x0012 (18)
  1844. size : 0x001e (30)
  1845. name : *
  1846. name : 'Netlogon'
  1847. keyclass : *
  1848. keyclass: struct winreg_StringBuf
  1849. length : 0x0000 (0)
  1850. size : 0x0002 (2)
  1851. name : *
  1852. name : ''
  1853. last_changed_time : *
  1854. last_changed_time : NTTIME(0)
  1855. result : WERR_OK
  1856. winreg_EnumKey: struct winreg_EnumKey
  1857. in: struct winreg_EnumKey
  1858. handle : *
  1859. handle: struct policy_handle
  1860. handle_type : 0x00000001 (1)
  1861. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  1862. enum_index : 0x00000004 (4)
  1863. name : *
  1864. name: struct winreg_StringBuf
  1865. length : 0x0000 (0)
  1866. size : 0x001e (30)
  1867. name : *
  1868. name : ''
  1869. keyclass : *
  1870. keyclass: struct winreg_StringBuf
  1871. length : 0x0000 (0)
  1872. size : 0x0002 (2)
  1873. name : *
  1874. name : ''
  1875. last_changed_time : *
  1876. last_changed_time : NTTIME(0)
  1877. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
  1878. winreg_EnumKey: struct winreg_EnumKey
  1879. out: struct winreg_EnumKey
  1880. name : *
  1881. name: struct winreg_StringBuf
  1882. length : 0x0010 (16)
  1883. size : 0x001e (30)
  1884. name : *
  1885. name : 'Spooler'
  1886. keyclass : *
  1887. keyclass: struct winreg_StringBuf
  1888. length : 0x0000 (0)
  1889. size : 0x0002 (2)
  1890. name : *
  1891. name : ''
  1892. last_changed_time : *
  1893. last_changed_time : NTTIME(0)
  1894. result : WERR_OK
  1895. winreg_EnumKey: struct winreg_EnumKey
  1896. in: struct winreg_EnumKey
  1897. handle : *
  1898. handle: struct policy_handle
  1899. handle_type : 0x00000001 (1)
  1900. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  1901. enum_index : 0x00000005 (5)
  1902. name : *
  1903. name: struct winreg_StringBuf
  1904. length : 0x0000 (0)
  1905. size : 0x001e (30)
  1906. name : *
  1907. name : ''
  1908. keyclass : *
  1909. keyclass: struct winreg_StringBuf
  1910. length : 0x0000 (0)
  1911. size : 0x0002 (2)
  1912. name : *
  1913. name : ''
  1914. last_changed_time : *
  1915. last_changed_time : NTTIME(0)
  1916. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
  1917. winreg_EnumKey: struct winreg_EnumKey
  1918. out: struct winreg_EnumKey
  1919. name : *
  1920. name: struct winreg_StringBuf
  1921. length : 0x001e (30)
  1922. size : 0x001e (30)
  1923. name : *
  1924. name : 'RemoteRegistry'
  1925. keyclass : *
  1926. keyclass: struct winreg_StringBuf
  1927. length : 0x0000 (0)
  1928. size : 0x0002 (2)
  1929. name : *
  1930. name : ''
  1931. last_changed_time : *
  1932. last_changed_time : NTTIME(0)
  1933. result : WERR_OK
  1934. winreg_EnumKey: struct winreg_EnumKey
  1935. in: struct winreg_EnumKey
  1936. handle : *
  1937. handle: struct policy_handle
  1938. handle_type : 0x00000001 (1)
  1939. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  1940. enum_index : 0x00000006 (6)
  1941. name : *
  1942. name: struct winreg_StringBuf
  1943. length : 0x0000 (0)
  1944. size : 0x001e (30)
  1945. name : *
  1946. name : ''
  1947. keyclass : *
  1948. keyclass: struct winreg_StringBuf
  1949. length : 0x0000 (0)
  1950. size : 0x0002 (2)
  1951. name : *
  1952. name : ''
  1953. last_changed_time : *
  1954. last_changed_time : NTTIME(0)
  1955. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services]
  1956. winreg_EnumKey: struct winreg_EnumKey
  1957. out: struct winreg_EnumKey
  1958. name : *
  1959. name: struct winreg_StringBuf
  1960. length : 0x000a (10)
  1961. size : 0x001e (30)
  1962. name : *
  1963. name : 'WINS'
  1964. keyclass : *
  1965. keyclass: struct winreg_StringBuf
  1966. length : 0x0000 (0)
  1967. size : 0x0002 (2)
  1968. name : *
  1969. name : ''
  1970. last_changed_time : *
  1971. last_changed_time : NTTIME(0)
  1972. result : WERR_OK
  1973. winreg_CreateKey: struct winreg_CreateKey
  1974. in: struct winreg_CreateKey
  1975. handle : *
  1976. handle: struct policy_handle
  1977. handle_type : 0x00000001 (1)
  1978. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  1979. name: struct winreg_String
  1980. name_len : 0x0054 (84)
  1981. name_size : 0x0054 (84)
  1982. name : *
  1983. name : 'SYSTEM\CurrentControlSet\Services\Spooler'
  1984. keyclass: struct winreg_String
  1985. name_len : 0x0002 (2)
  1986. name_size : 0x0002 (2)
  1987. name : *
  1988. name : ''
  1989. options : 0x00000000 (0)
  1990. 0: REG_OPTION_VOLATILE
  1991. 0: REG_OPTION_CREATE_LINK
  1992. 0: REG_OPTION_BACKUP_RESTORE
  1993. 0: REG_OPTION_OPEN_LINK
  1994. access_mask : 0x02000000 (33554432)
  1995. 0: KEY_QUERY_VALUE
  1996. 0: KEY_SET_VALUE
  1997. 0: KEY_CREATE_SUB_KEY
  1998. 0: KEY_ENUMERATE_SUB_KEYS
  1999. 0: KEY_NOTIFY
  2000. 0: KEY_CREATE_LINK
  2001. 0: KEY_WOW64_64KEY
  2002. 0: KEY_WOW64_32KEY
  2003. secdesc : NULL
  2004. action_taken : *
  2005. action_taken : REG_ACTION_NONE (0)
  2006. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler'
  2007. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2008. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2009. regkey_open_onelevel: name = [SYSTEM]
  2010. regdb_open: incrementing refcount (3->4)
  2011. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  2012. pathtree_find: Enter [\HKLM\SYSTEM]
  2013. pathtree_find: Exit
  2014. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  2015. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2016. regkey_open_onelevel: name = [CurrentControlSet]
  2017. regdb_open: incrementing refcount (4->5)
  2018. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  2019. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  2020. pathtree_find: Exit
  2021. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  2022. regdb_close: decrementing refcount (5->4)
  2023. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2024. regkey_open_onelevel: name = [Services]
  2025. regdb_open: incrementing refcount (4->5)
  2026. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  2027. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  2028. pathtree_find: Exit
  2029. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  2030. regdb_close: decrementing refcount (5->4)
  2031. regkey_open_onelevel: name = [Spooler]
  2032. regdb_open: incrementing refcount (4->5)
  2033. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
  2034. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
  2035. pathtree_find: Exit
  2036. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
  2037. regdb_close: decrementing refcount (5->4)
  2038. winreg_CreateKey: struct winreg_CreateKey
  2039. out: struct winreg_CreateKey
  2040. new_handle : *
  2041. new_handle: struct policy_handle
  2042. handle_type : 0x00000001 (1)
  2043. uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
  2044. action_taken : *
  2045. action_taken : REG_OPENED_EXISTING_KEY (2)
  2046. result : WERR_OK
  2047. winreg_SetValue: struct winreg_SetValue
  2048. in: struct winreg_SetValue
  2049. handle : *
  2050. handle: struct policy_handle
  2051. handle_type : 0x00000001 (1)
  2052. uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
  2053. name: struct winreg_String
  2054. name_len : 0x000c (12)
  2055. name_size : 0x000c (12)
  2056. name : *
  2057. name : 'Start'
  2058. type : REG_DWORD (4)
  2059. data : *
  2060. data: ARRAY(4)
  2061. [0] : 0x02 (2)
  2062. [1] : 0x00 (0)
  2063. [2] : 0x00 (0)
  2064. [3] : 0x00 (0)
  2065. size : 0x00000004 (4)
  2066. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Start]
  2067. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2068. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler' (ops 0xb6c0524c)
  2069. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
  2070. regdb_unpack_values: value[0]: name[Start] len[4]
  2071. regdb_unpack_values: value[1]: name[Type] len[4]
  2072. regdb_unpack_values: value[2]: name[ErrorControl] len[4]
  2073. regdb_unpack_values: value[3]: name[ObjectName] len[24]
  2074. regdb_unpack_values: value[4]: name[DisplayName] len[28]
  2075. regdb_unpack_values: value[5]: name[ImagePath] len[54]
  2076. regdb_unpack_values: value[6]: name[Description] len[106]
  2077. winreg_SetValue: struct winreg_SetValue
  2078. out: struct winreg_SetValue
  2079. result : WERR_OK
  2080. winreg_SetValue: struct winreg_SetValue
  2081. in: struct winreg_SetValue
  2082. handle : *
  2083. handle: struct policy_handle
  2084. handle_type : 0x00000001 (1)
  2085. uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
  2086. name: struct winreg_String
  2087. name_len : 0x000a (10)
  2088. name_size : 0x000a (10)
  2089. name : *
  2090. name : 'Type'
  2091. type : REG_DWORD (4)
  2092. data : *
  2093. data: ARRAY(4)
  2094. [0] : 0x10 (16)
  2095. [1] : 0x00 (0)
  2096. [2] : 0x00 (0)
  2097. [3] : 0x00 (0)
  2098. size : 0x00000004 (4)
  2099. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Type]
  2100. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2101. winreg_SetValue: struct winreg_SetValue
  2102. out: struct winreg_SetValue
  2103. result : WERR_OK
  2104. winreg_SetValue: struct winreg_SetValue
  2105. in: struct winreg_SetValue
  2106. handle : *
  2107. handle: struct policy_handle
  2108. handle_type : 0x00000001 (1)
  2109. uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
  2110. name: struct winreg_String
  2111. name_len : 0x001a (26)
  2112. name_size : 0x001a (26)
  2113. name : *
  2114. name : 'ErrorControl'
  2115. type : REG_DWORD (4)
  2116. data : *
  2117. data: ARRAY(4)
  2118. [0] : 0x01 (1)
  2119. [1] : 0x00 (0)
  2120. [2] : 0x00 (0)
  2121. [3] : 0x00 (0)
  2122. size : 0x00000004 (4)
  2123. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ErrorControl]
  2124. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2125. winreg_SetValue: struct winreg_SetValue
  2126. out: struct winreg_SetValue
  2127. result : WERR_OK
  2128. winreg_SetValue: struct winreg_SetValue
  2129. in: struct winreg_SetValue
  2130. handle : *
  2131. handle: struct policy_handle
  2132. handle_type : 0x00000001 (1)
  2133. uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
  2134. name: struct winreg_String
  2135. name_len : 0x0016 (22)
  2136. name_size : 0x0016 (22)
  2137. name : *
  2138. name : 'ObjectName'
  2139. type : REG_SZ (1)
  2140. data : *
  2141. data: ARRAY(24)
  2142. [0] : 0x4c (76)
  2143. [1] : 0x00 (0)
  2144. [2] : 0x6f (111)
  2145. [3] : 0x00 (0)
  2146. [4] : 0x63 (99)
  2147. [5] : 0x00 (0)
  2148. [6] : 0x61 (97)
  2149. [7] : 0x00 (0)
  2150. [8] : 0x6c (108)
  2151. [9] : 0x00 (0)
  2152. [10] : 0x53 (83)
  2153. [11] : 0x00 (0)
  2154. [12] : 0x79 (121)
  2155. [13] : 0x00 (0)
  2156. [14] : 0x73 (115)
  2157. [15] : 0x00 (0)
  2158. [16] : 0x74 (116)
  2159. [17] : 0x00 (0)
  2160. [18] : 0x65 (101)
  2161. [19] : 0x00 (0)
  2162. [20] : 0x6d (109)
  2163. [21] : 0x00 (0)
  2164. [22] : 0x00 (0)
  2165. [23] : 0x00 (0)
  2166. size : 0x00000018 (24)
  2167. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ObjectName]
  2168. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2169. winreg_SetValue: struct winreg_SetValue
  2170. out: struct winreg_SetValue
  2171. result : WERR_OK
  2172. winreg_SetValue: struct winreg_SetValue
  2173. in: struct winreg_SetValue
  2174. handle : *
  2175. handle: struct policy_handle
  2176. handle_type : 0x00000001 (1)
  2177. uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
  2178. name: struct winreg_String
  2179. name_len : 0x0018 (24)
  2180. name_size : 0x0018 (24)
  2181. name : *
  2182. name : 'DisplayName'
  2183. type : REG_SZ (1)
  2184. data : *
  2185. data: ARRAY(28)
  2186. [0] : 0x50 (80)
  2187. [1] : 0x00 (0)
  2188. [2] : 0x72 (114)
  2189. [3] : 0x00 (0)
  2190. [4] : 0x69 (105)
  2191. [5] : 0x00 (0)
  2192. [6] : 0x6e (110)
  2193. [7] : 0x00 (0)
  2194. [8] : 0x74 (116)
  2195. [9] : 0x00 (0)
  2196. [10] : 0x20 (32)
  2197. [11] : 0x00 (0)
  2198. [12] : 0x53 (83)
  2199. [13] : 0x00 (0)
  2200. [14] : 0x70 (112)
  2201. [15] : 0x00 (0)
  2202. [16] : 0x6f (111)
  2203. [17] : 0x00 (0)
  2204. [18] : 0x6f (111)
  2205. [19] : 0x00 (0)
  2206. [20] : 0x6c (108)
  2207. [21] : 0x00 (0)
  2208. [22] : 0x65 (101)
  2209. [23] : 0x00 (0)
  2210. [24] : 0x72 (114)
  2211. [25] : 0x00 (0)
  2212. [26] : 0x00 (0)
  2213. [27] : 0x00 (0)
  2214. size : 0x0000001c (28)
  2215. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:DisplayName]
  2216. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2217. winreg_SetValue: struct winreg_SetValue
  2218. out: struct winreg_SetValue
  2219. result : WERR_OK
  2220. winreg_SetValue: struct winreg_SetValue
  2221. in: struct winreg_SetValue
  2222. handle : *
  2223. handle: struct policy_handle
  2224. handle_type : 0x00000001 (1)
  2225. uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
  2226. name: struct winreg_String
  2227. name_len : 0x0014 (20)
  2228. name_size : 0x0014 (20)
  2229. name : *
  2230. name : 'ImagePath'
  2231. type : REG_SZ (1)
  2232. data : *
  2233. data: ARRAY(54)
  2234. [0] : 0x2f (47)
  2235. [1] : 0x00 (0)
  2236. [2] : 0x75 (117)
  2237. [3] : 0x00 (0)
  2238. [4] : 0x73 (115)
  2239. [5] : 0x00 (0)
  2240. [6] : 0x72 (114)
  2241. [7] : 0x00 (0)
  2242. [8] : 0x2f (47)
  2243. [9] : 0x00 (0)
  2244. [10] : 0x6c (108)
  2245. [11] : 0x00 (0)
  2246. [12] : 0x69 (105)
  2247. [13] : 0x00 (0)
  2248. [14] : 0x62 (98)
  2249. [15] : 0x00 (0)
  2250. [16] : 0x2f (47)
  2251. [17] : 0x00 (0)
  2252. [18] : 0x73 (115)
  2253. [19] : 0x00 (0)
  2254. [20] : 0x61 (97)
  2255. [21] : 0x00 (0)
  2256. [22] : 0x6d (109)
  2257. [23] : 0x00 (0)
  2258. [24] : 0x62 (98)
  2259. [25] : 0x00 (0)
  2260. [26] : 0x61 (97)
  2261. [27] : 0x00 (0)
  2262. [28] : 0x2f (47)
  2263. [29] : 0x00 (0)
  2264. [30] : 0x73 (115)
  2265. [31] : 0x00 (0)
  2266. [32] : 0x76 (118)
  2267. [33] : 0x00 (0)
  2268. [34] : 0x63 (99)
  2269. [35] : 0x00 (0)
  2270. [36] : 0x63 (99)
  2271. [37] : 0x00 (0)
  2272. [38] : 0x74 (116)
  2273. [39] : 0x00 (0)
  2274. [40] : 0x6c (108)
  2275. [41] : 0x00 (0)
  2276. [42] : 0x2f (47)
  2277. [43] : 0x00 (0)
  2278. [44] : 0x73 (115)
  2279. [45] : 0x00 (0)
  2280. [46] : 0x6d (109)
  2281. [47] : 0x00 (0)
  2282. [48] : 0x62 (98)
  2283. [49] : 0x00 (0)
  2284. [50] : 0x64 (100)
  2285. [51] : 0x00 (0)
  2286. [52] : 0x00 (0)
  2287. [53] : 0x00 (0)
  2288. size : 0x00000036 (54)
  2289. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ImagePath]
  2290. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2291. winreg_SetValue: struct winreg_SetValue
  2292. out: struct winreg_SetValue
  2293. result : WERR_OK
  2294. winreg_SetValue: struct winreg_SetValue
  2295. in: struct winreg_SetValue
  2296. handle : *
  2297. handle: struct policy_handle
  2298. handle_type : 0x00000001 (1)
  2299. uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
  2300. name: struct winreg_String
  2301. name_len : 0x0018 (24)
  2302. name_size : 0x0018 (24)
  2303. name : *
  2304. name : 'Description'
  2305. type : REG_SZ (1)
  2306. data : *
  2307. data: ARRAY(106)
  2308. [0] : 0x49 (73)
  2309. [1] : 0x00 (0)
  2310. [2] : 0x6e (110)
  2311. [3] : 0x00 (0)
  2312. [4] : 0x74 (116)
  2313. [5] : 0x00 (0)
  2314. [6] : 0x65 (101)
  2315. [7] : 0x00 (0)
  2316. [8] : 0x72 (114)
  2317. [9] : 0x00 (0)
  2318. [10] : 0x6e (110)
  2319. [11] : 0x00 (0)
  2320. [12] : 0x61 (97)
  2321. [13] : 0x00 (0)
  2322. [14] : 0x6c (108)
  2323. [15] : 0x00 (0)
  2324. [16] : 0x20 (32)
  2325. [17] : 0x00 (0)
  2326. [18] : 0x73 (115)
  2327. [19] : 0x00 (0)
  2328. [20] : 0x65 (101)
  2329. [21] : 0x00 (0)
  2330. [22] : 0x72 (114)
  2331. [23] : 0x00 (0)
  2332. [24] : 0x76 (118)
  2333. [25] : 0x00 (0)
  2334. [26] : 0x69 (105)
  2335. [27] : 0x00 (0)
  2336. [28] : 0x63 (99)
  2337. [29] : 0x00 (0)
  2338. [30] : 0x65 (101)
  2339. [31] : 0x00 (0)
  2340. [32] : 0x20 (32)
  2341. [33] : 0x00 (0)
  2342. [34] : 0x66 (102)
  2343. [35] : 0x00 (0)
  2344. [36] : 0x6f (111)
  2345. [37] : 0x00 (0)
  2346. [38] : 0x72 (114)
  2347. [39] : 0x00 (0)
  2348. [40] : 0x20 (32)
  2349. [41] : 0x00 (0)
  2350. [42] : 0x73 (115)
  2351. [43] : 0x00 (0)
  2352. [44] : 0x70 (112)
  2353. [45] : 0x00 (0)
  2354. [46] : 0x6f (111)
  2355. [47] : 0x00 (0)
  2356. [48] : 0x6f (111)
  2357. [49] : 0x00 (0)
  2358. [50] : 0x6c (108)
  2359. [51] : 0x00 (0)
  2360. [52] : 0x69 (105)
  2361. [53] : 0x00 (0)
  2362. [54] : 0x6e (110)
  2363. [55] : 0x00 (0)
  2364. [56] : 0x67 (103)
  2365. [57] : 0x00 (0)
  2366. [58] : 0x20 (32)
  2367. [59] : 0x00 (0)
  2368. [60] : 0x66 (102)
  2369. [61] : 0x00 (0)
  2370. [62] : 0x69 (105)
  2371. [63] : 0x00 (0)
  2372. [64] : 0x6c (108)
  2373. [65] : 0x00 (0)
  2374. [66] : 0x65 (101)
  2375. [67] : 0x00 (0)
  2376. [68] : 0x73 (115)
  2377. [69] : 0x00 (0)
  2378. [70] : 0x20 (32)
  2379. [71] : 0x00 (0)
  2380. [72] : 0x74 (116)
  2381. [73] : 0x00 (0)
  2382. [74] : 0x6f (111)
  2383. [75] : 0x00 (0)
  2384. [76] : 0x20 (32)
  2385. [77] : 0x00 (0)
  2386. [78] : 0x70 (112)
  2387. [79] : 0x00 (0)
  2388. [80] : 0x72 (114)
  2389. [81] : 0x00 (0)
  2390. [82] : 0x69 (105)
  2391. [83] : 0x00 (0)
  2392. [84] : 0x6e (110)
  2393. [85] : 0x00 (0)
  2394. [86] : 0x74 (116)
  2395. [87] : 0x00 (0)
  2396. [88] : 0x20 (32)
  2397. [89] : 0x00 (0)
  2398. [90] : 0x64 (100)
  2399. [91] : 0x00 (0)
  2400. [92] : 0x65 (101)
  2401. [93] : 0x00 (0)
  2402. [94] : 0x76 (118)
  2403. [95] : 0x00 (0)
  2404. [96] : 0x69 (105)
  2405. [97] : 0x00 (0)
  2406. [98] : 0x63 (99)
  2407. [99] : 0x00 (0)
  2408. [100] : 0x65 (101)
  2409. [101] : 0x00 (0)
  2410. [102] : 0x73 (115)
  2411. [103] : 0x00 (0)
  2412. [104] : 0x00 (0)
  2413. [105] : 0x00 (0)
  2414. size : 0x0000006a (106)
  2415. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Description]
  2416. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2417. winreg_SetValue: struct winreg_SetValue
  2418. out: struct winreg_SetValue
  2419. result : WERR_OK
  2420. winreg_CloseKey: struct winreg_CloseKey
  2421. in: struct winreg_CloseKey
  2422. handle : *
  2423. handle: struct policy_handle
  2424. handle_type : 0x00000001 (1)
  2425. uuid : 37735cc2-a110-4c37-9c5e-ef31c82a9cd7
  2426. regdb_close: decrementing refcount (4->3)
  2427. winreg_CloseKey: struct winreg_CloseKey
  2428. out: struct winreg_CloseKey
  2429. handle : *
  2430. handle: struct policy_handle
  2431. handle_type : 0x00000000 (0)
  2432. uuid : 00000000-0000-0000-0000-000000000000
  2433. result : WERR_OK
  2434. winreg_CreateKey: struct winreg_CreateKey
  2435. in: struct winreg_CreateKey
  2436. handle : *
  2437. handle: struct policy_handle
  2438. handle_type : 0x00000001 (1)
  2439. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  2440. name: struct winreg_String
  2441. name_len : 0x0066 (102)
  2442. name_size : 0x0066 (102)
  2443. name : *
  2444. name : 'SYSTEM\CurrentControlSet\Services\Spooler\Security'
  2445. keyclass: struct winreg_String
  2446. name_len : 0x0002 (2)
  2447. name_size : 0x0002 (2)
  2448. name : *
  2449. name : ''
  2450. options : 0x00000000 (0)
  2451. 0: REG_OPTION_VOLATILE
  2452. 0: REG_OPTION_CREATE_LINK
  2453. 0: REG_OPTION_BACKUP_RESTORE
  2454. 0: REG_OPTION_OPEN_LINK
  2455. access_mask : 0x02000000 (33554432)
  2456. 0: KEY_QUERY_VALUE
  2457. 0: KEY_SET_VALUE
  2458. 0: KEY_CREATE_SUB_KEY
  2459. 0: KEY_ENUMERATE_SUB_KEYS
  2460. 0: KEY_NOTIFY
  2461. 0: KEY_CREATE_LINK
  2462. 0: KEY_WOW64_64KEY
  2463. 0: KEY_WOW64_32KEY
  2464. secdesc : NULL
  2465. action_taken : *
  2466. action_taken : REG_OPENED_EXISTING_KEY (2)
  2467. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler\Security'
  2468. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2469. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2470. regkey_open_onelevel: name = [SYSTEM]
  2471. regdb_open: incrementing refcount (3->4)
  2472. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  2473. pathtree_find: Enter [\HKLM\SYSTEM]
  2474. pathtree_find: Exit
  2475. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  2476. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2477. regkey_open_onelevel: name = [CurrentControlSet]
  2478. regdb_open: incrementing refcount (4->5)
  2479. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  2480. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  2481. pathtree_find: Exit
  2482. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  2483. regdb_close: decrementing refcount (5->4)
  2484. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2485. regkey_open_onelevel: name = [Services]
  2486. regdb_open: incrementing refcount (4->5)
  2487. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  2488. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  2489. pathtree_find: Exit
  2490. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  2491. regdb_close: decrementing refcount (5->4)
  2492. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2493. regkey_open_onelevel: name = [Spooler]
  2494. regdb_open: incrementing refcount (4->5)
  2495. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
  2496. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
  2497. pathtree_find: Exit
  2498. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler]
  2499. regdb_close: decrementing refcount (5->4)
  2500. regkey_open_onelevel: name = [Security]
  2501. regdb_open: incrementing refcount (4->5)
  2502. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security]
  2503. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security]
  2504. pathtree_find: Exit
  2505. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security]
  2506. regdb_close: decrementing refcount (5->4)
  2507. winreg_CreateKey: struct winreg_CreateKey
  2508. out: struct winreg_CreateKey
  2509. new_handle : *
  2510. new_handle: struct policy_handle
  2511. handle_type : 0x00000001 (1)
  2512. uuid : cd1bd01f-3454-49c8-bf27-69e46e266449
  2513. action_taken : *
  2514. action_taken : REG_OPENED_EXISTING_KEY (2)
  2515. result : WERR_OK
  2516. winreg_SetValue: struct winreg_SetValue
  2517. in: struct winreg_SetValue
  2518. handle : *
  2519. handle: struct policy_handle
  2520. handle_type : 0x00000001 (1)
  2521. uuid : cd1bd01f-3454-49c8-bf27-69e46e266449
  2522. name: struct winreg_String
  2523. name_len : 0x0012 (18)
  2524. name_size : 0x0012 (18)
  2525. name : *
  2526. name : 'Security'
  2527. type : REG_BINARY (3)
  2528. data : *
  2529. data: ARRAY(120)
  2530. [0] : 0x01 (1)
  2531. [1] : 0x00 (0)
  2532. [2] : 0x04 (4)
  2533. [3] : 0x80 (128)
  2534. [4] : 0x00 (0)
  2535. [5] : 0x00 (0)
  2536. [6] : 0x00 (0)
  2537. [7] : 0x00 (0)
  2538. [8] : 0x00 (0)
  2539. [9] : 0x00 (0)
  2540. [10] : 0x00 (0)
  2541. [11] : 0x00 (0)
  2542. [12] : 0x00 (0)
  2543. [13] : 0x00 (0)
  2544. [14] : 0x00 (0)
  2545. [15] : 0x00 (0)
  2546. [16] : 0x14 (20)
  2547. [17] : 0x00 (0)
  2548. [18] : 0x00 (0)
  2549. [19] : 0x00 (0)
  2550. [20] : 0x02 (2)
  2551. [21] : 0x00 (0)
  2552. [22] : 0x64 (100)
  2553. [23] : 0x00 (0)
  2554. [24] : 0x04 (4)
  2555. [25] : 0x00 (0)
  2556. [26] : 0x00 (0)
  2557. [27] : 0x00 (0)
  2558. [28] : 0x00 (0)
  2559. [29] : 0x00 (0)
  2560. [30] : 0x14 (20)
  2561. [31] : 0x00 (0)
  2562. [32] : 0x8d (141)
  2563. [33] : 0x01 (1)
  2564. [34] : 0x02 (2)
  2565. [35] : 0x00 (0)
  2566. [36] : 0x01 (1)
  2567. [37] : 0x01 (1)
  2568. [38] : 0x00 (0)
  2569. [39] : 0x00 (0)
  2570. [40] : 0x00 (0)
  2571. [41] : 0x00 (0)
  2572. [42] : 0x00 (0)
  2573. [43] : 0x01 (1)
  2574. [44] : 0x00 (0)
  2575. [45] : 0x00 (0)
  2576. [46] : 0x00 (0)
  2577. [47] : 0x00 (0)
  2578. [48] : 0x00 (0)
  2579. [49] : 0x00 (0)
  2580. [50] : 0x18 (24)
  2581. [51] : 0x00 (0)
  2582. [52] : 0xfd (253)
  2583. [53] : 0x01 (1)
  2584. [54] : 0x02 (2)
  2585. [55] : 0x00 (0)
  2586. [56] : 0x01 (1)
  2587. [57] : 0x02 (2)
  2588. [58] : 0x00 (0)
  2589. [59] : 0x00 (0)
  2590. [60] : 0x00 (0)
  2591. [61] : 0x00 (0)
  2592. [62] : 0x00 (0)
  2593. [63] : 0x05 (5)
  2594. [64] : 0x20 (32)
  2595. [65] : 0x00 (0)
  2596. [66] : 0x00 (0)
  2597. [67] : 0x00 (0)
  2598. [68] : 0x23 (35)
  2599. [69] : 0x02 (2)
  2600. [70] : 0x00 (0)
  2601. [71] : 0x00 (0)
  2602. [72] : 0x00 (0)
  2603. [73] : 0x00 (0)
  2604. [74] : 0x18 (24)
  2605. [75] : 0x00 (0)
  2606. [76] : 0xff (255)
  2607. [77] : 0x01 (1)
  2608. [78] : 0x0f (15)
  2609. [79] : 0x00 (0)
  2610. [80] : 0x01 (1)
  2611. [81] : 0x02 (2)
  2612. [82] : 0x00 (0)
  2613. [83] : 0x00 (0)
  2614. [84] : 0x00 (0)
  2615. [85] : 0x00 (0)
  2616. [86] : 0x00 (0)
  2617. [87] : 0x05 (5)
  2618. [88] : 0x20 (32)
  2619. [89] : 0x00 (0)
  2620. [90] : 0x00 (0)
  2621. [91] : 0x00 (0)
  2622. [92] : 0x25 (37)
  2623. [93] : 0x02 (2)
  2624. [94] : 0x00 (0)
  2625. [95] : 0x00 (0)
  2626. [96] : 0x00 (0)
  2627. [97] : 0x00 (0)
  2628. [98] : 0x18 (24)
  2629. [99] : 0x00 (0)
  2630. [100] : 0xff (255)
  2631. [101] : 0x01 (1)
  2632. [102] : 0x0f (15)
  2633. [103] : 0x00 (0)
  2634. [104] : 0x01 (1)
  2635. [105] : 0x02 (2)
  2636. [106] : 0x00 (0)
  2637. [107] : 0x00 (0)
  2638. [108] : 0x00 (0)
  2639. [109] : 0x00 (0)
  2640. [110] : 0x00 (0)
  2641. [111] : 0x05 (5)
  2642. [112] : 0x20 (32)
  2643. [113] : 0x00 (0)
  2644. [114] : 0x00 (0)
  2645. [115] : 0x00 (0)
  2646. [116] : 0x20 (32)
  2647. [117] : 0x02 (2)
  2648. [118] : 0x00 (0)
  2649. [119] : 0x00 (0)
  2650. size : 0x00000078 (120)
  2651. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security:Security]
  2652. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2653. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security' (ops 0xb6c0524c)
  2654. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security]
  2655. regdb_unpack_values: value[0]: name[Security] len[120]
  2656. winreg_SetValue: struct winreg_SetValue
  2657. out: struct winreg_SetValue
  2658. result : WERR_OK
  2659. winreg_CloseKey: struct winreg_CloseKey
  2660. in: struct winreg_CloseKey
  2661. handle : *
  2662. handle: struct policy_handle
  2663. handle_type : 0x00000001 (1)
  2664. uuid : cd1bd01f-3454-49c8-bf27-69e46e266449
  2665. regdb_close: decrementing refcount (4->3)
  2666. winreg_CloseKey: struct winreg_CloseKey
  2667. out: struct winreg_CloseKey
  2668. handle : *
  2669. handle: struct policy_handle
  2670. handle_type : 0x00000000 (0)
  2671. uuid : 00000000-0000-0000-0000-000000000000
  2672. result : WERR_OK
  2673. winreg_CreateKey: struct winreg_CreateKey
  2674. in: struct winreg_CreateKey
  2675. handle : *
  2676. handle: struct policy_handle
  2677. handle_type : 0x00000001 (1)
  2678. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  2679. name: struct winreg_String
  2680. name_len : 0x0056 (86)
  2681. name_size : 0x0056 (86)
  2682. name : *
  2683. name : 'SYSTEM\CurrentControlSet\Services\NETLOGON'
  2684. keyclass: struct winreg_String
  2685. name_len : 0x0002 (2)
  2686. name_size : 0x0002 (2)
  2687. name : *
  2688. name : ''
  2689. options : 0x00000000 (0)
  2690. 0: REG_OPTION_VOLATILE
  2691. 0: REG_OPTION_CREATE_LINK
  2692. 0: REG_OPTION_BACKUP_RESTORE
  2693. 0: REG_OPTION_OPEN_LINK
  2694. access_mask : 0x02000000 (33554432)
  2695. 0: KEY_QUERY_VALUE
  2696. 0: KEY_SET_VALUE
  2697. 0: KEY_CREATE_SUB_KEY
  2698. 0: KEY_ENUMERATE_SUB_KEYS
  2699. 0: KEY_NOTIFY
  2700. 0: KEY_CREATE_LINK
  2701. 0: KEY_WOW64_64KEY
  2702. 0: KEY_WOW64_32KEY
  2703. secdesc : NULL
  2704. action_taken : *
  2705. action_taken : REG_ACTION_NONE (0)
  2706. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON'
  2707. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2708. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2709. regkey_open_onelevel: name = [SYSTEM]
  2710. regdb_open: incrementing refcount (3->4)
  2711. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  2712. pathtree_find: Enter [\HKLM\SYSTEM]
  2713. pathtree_find: Exit
  2714. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  2715. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2716. regkey_open_onelevel: name = [CurrentControlSet]
  2717. regdb_open: incrementing refcount (4->5)
  2718. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  2719. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  2720. pathtree_find: Exit
  2721. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  2722. regdb_close: decrementing refcount (5->4)
  2723. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  2724. regkey_open_onelevel: name = [Services]
  2725. regdb_open: incrementing refcount (4->5)
  2726. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  2727. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  2728. pathtree_find: Exit
  2729. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  2730. regdb_close: decrementing refcount (5->4)
  2731. regkey_open_onelevel: name = [NETLOGON]
  2732. regdb_open: incrementing refcount (4->5)
  2733. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
  2734. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
  2735. pathtree_find: Exit
  2736. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
  2737. regdb_close: decrementing refcount (5->4)
  2738. winreg_CreateKey: struct winreg_CreateKey
  2739. out: struct winreg_CreateKey
  2740. new_handle : *
  2741. new_handle: struct policy_handle
  2742. handle_type : 0x00000001 (1)
  2743. uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
  2744. action_taken : *
  2745. action_taken : REG_OPENED_EXISTING_KEY (2)
  2746. result : WERR_OK
  2747. winreg_SetValue: struct winreg_SetValue
  2748. in: struct winreg_SetValue
  2749. handle : *
  2750. handle: struct policy_handle
  2751. handle_type : 0x00000001 (1)
  2752. uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
  2753. name: struct winreg_String
  2754. name_len : 0x000c (12)
  2755. name_size : 0x000c (12)
  2756. name : *
  2757. name : 'Start'
  2758. type : REG_DWORD (4)
  2759. data : *
  2760. data: ARRAY(4)
  2761. [0] : 0x02 (2)
  2762. [1] : 0x00 (0)
  2763. [2] : 0x00 (0)
  2764. [3] : 0x00 (0)
  2765. size : 0x00000004 (4)
  2766. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Start]
  2767. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2768. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON' (ops 0xb6c0524c)
  2769. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
  2770. regdb_unpack_values: value[0]: name[Start] len[4]
  2771. regdb_unpack_values: value[1]: name[Type] len[4]
  2772. regdb_unpack_values: value[2]: name[ErrorControl] len[4]
  2773. regdb_unpack_values: value[3]: name[ObjectName] len[24]
  2774. regdb_unpack_values: value[4]: name[DisplayName] len[20]
  2775. regdb_unpack_values: value[5]: name[ImagePath] len[54]
  2776. regdb_unpack_values: value[6]: name[Description] len[164]
  2777. winreg_SetValue: struct winreg_SetValue
  2778. out: struct winreg_SetValue
  2779. result : WERR_OK
  2780. winreg_SetValue: struct winreg_SetValue
  2781. in: struct winreg_SetValue
  2782. handle : *
  2783. handle: struct policy_handle
  2784. handle_type : 0x00000001 (1)
  2785. uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
  2786. name: struct winreg_String
  2787. name_len : 0x000a (10)
  2788. name_size : 0x000a (10)
  2789. name : *
  2790. name : 'Type'
  2791. type : REG_DWORD (4)
  2792. data : *
  2793. data: ARRAY(4)
  2794. [0] : 0x10 (16)
  2795. [1] : 0x00 (0)
  2796. [2] : 0x00 (0)
  2797. [3] : 0x00 (0)
  2798. size : 0x00000004 (4)
  2799. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Type]
  2800. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2801. winreg_SetValue: struct winreg_SetValue
  2802. out: struct winreg_SetValue
  2803. result : WERR_OK
  2804. winreg_SetValue: struct winreg_SetValue
  2805. in: struct winreg_SetValue
  2806. handle : *
  2807. handle: struct policy_handle
  2808. handle_type : 0x00000001 (1)
  2809. uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
  2810. name: struct winreg_String
  2811. name_len : 0x001a (26)
  2812. name_size : 0x001a (26)
  2813. name : *
  2814. name : 'ErrorControl'
  2815. type : REG_DWORD (4)
  2816. data : *
  2817. data: ARRAY(4)
  2818. [0] : 0x01 (1)
  2819. [1] : 0x00 (0)
  2820. [2] : 0x00 (0)
  2821. [3] : 0x00 (0)
  2822. size : 0x00000004 (4)
  2823. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ErrorControl]
  2824. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2825. winreg_SetValue: struct winreg_SetValue
  2826. out: struct winreg_SetValue
  2827. result : WERR_OK
  2828. winreg_SetValue: struct winreg_SetValue
  2829. in: struct winreg_SetValue
  2830. handle : *
  2831. handle: struct policy_handle
  2832. handle_type : 0x00000001 (1)
  2833. uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
  2834. name: struct winreg_String
  2835. name_len : 0x0016 (22)
  2836. name_size : 0x0016 (22)
  2837. name : *
  2838. name : 'ObjectName'
  2839. type : REG_SZ (1)
  2840. data : *
  2841. data: ARRAY(24)
  2842. [0] : 0x4c (76)
  2843. [1] : 0x00 (0)
  2844. [2] : 0x6f (111)
  2845. [3] : 0x00 (0)
  2846. [4] : 0x63 (99)
  2847. [5] : 0x00 (0)
  2848. [6] : 0x61 (97)
  2849. [7] : 0x00 (0)
  2850. [8] : 0x6c (108)
  2851. [9] : 0x00 (0)
  2852. [10] : 0x53 (83)
  2853. [11] : 0x00 (0)
  2854. [12] : 0x79 (121)
  2855. [13] : 0x00 (0)
  2856. [14] : 0x73 (115)
  2857. [15] : 0x00 (0)
  2858. [16] : 0x74 (116)
  2859. [17] : 0x00 (0)
  2860. [18] : 0x65 (101)
  2861. [19] : 0x00 (0)
  2862. [20] : 0x6d (109)
  2863. [21] : 0x00 (0)
  2864. [22] : 0x00 (0)
  2865. [23] : 0x00 (0)
  2866. size : 0x00000018 (24)
  2867. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ObjectName]
  2868. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2869. winreg_SetValue: struct winreg_SetValue
  2870. out: struct winreg_SetValue
  2871. result : WERR_OK
  2872. winreg_SetValue: struct winreg_SetValue
  2873. in: struct winreg_SetValue
  2874. handle : *
  2875. handle: struct policy_handle
  2876. handle_type : 0x00000001 (1)
  2877. uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
  2878. name: struct winreg_String
  2879. name_len : 0x0018 (24)
  2880. name_size : 0x0018 (24)
  2881. name : *
  2882. name : 'DisplayName'
  2883. type : REG_SZ (1)
  2884. data : *
  2885. data: ARRAY(20)
  2886. [0] : 0x4e (78)
  2887. [1] : 0x00 (0)
  2888. [2] : 0x65 (101)
  2889. [3] : 0x00 (0)
  2890. [4] : 0x74 (116)
  2891. [5] : 0x00 (0)
  2892. [6] : 0x20 (32)
  2893. [7] : 0x00 (0)
  2894. [8] : 0x4c (76)
  2895. [9] : 0x00 (0)
  2896. [10] : 0x6f (111)
  2897. [11] : 0x00 (0)
  2898. [12] : 0x67 (103)
  2899. [13] : 0x00 (0)
  2900. [14] : 0x6f (111)
  2901. [15] : 0x00 (0)
  2902. [16] : 0x6e (110)
  2903. [17] : 0x00 (0)
  2904. [18] : 0x00 (0)
  2905. [19] : 0x00 (0)
  2906. size : 0x00000014 (20)
  2907. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:DisplayName]
  2908. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2909. winreg_SetValue: struct winreg_SetValue
  2910. out: struct winreg_SetValue
  2911. result : WERR_OK
  2912. winreg_SetValue: struct winreg_SetValue
  2913. in: struct winreg_SetValue
  2914. handle : *
  2915. handle: struct policy_handle
  2916. handle_type : 0x00000001 (1)
  2917. uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
  2918. name: struct winreg_String
  2919. name_len : 0x0014 (20)
  2920. name_size : 0x0014 (20)
  2921. name : *
  2922. name : 'ImagePath'
  2923. type : REG_SZ (1)
  2924. data : *
  2925. data: ARRAY(54)
  2926. [0] : 0x2f (47)
  2927. [1] : 0x00 (0)
  2928. [2] : 0x75 (117)
  2929. [3] : 0x00 (0)
  2930. [4] : 0x73 (115)
  2931. [5] : 0x00 (0)
  2932. [6] : 0x72 (114)
  2933. [7] : 0x00 (0)
  2934. [8] : 0x2f (47)
  2935. [9] : 0x00 (0)
  2936. [10] : 0x6c (108)
  2937. [11] : 0x00 (0)
  2938. [12] : 0x69 (105)
  2939. [13] : 0x00 (0)
  2940. [14] : 0x62 (98)
  2941. [15] : 0x00 (0)
  2942. [16] : 0x2f (47)
  2943. [17] : 0x00 (0)
  2944. [18] : 0x73 (115)
  2945. [19] : 0x00 (0)
  2946. [20] : 0x61 (97)
  2947. [21] : 0x00 (0)
  2948. [22] : 0x6d (109)
  2949. [23] : 0x00 (0)
  2950. [24] : 0x62 (98)
  2951. [25] : 0x00 (0)
  2952. [26] : 0x61 (97)
  2953. [27] : 0x00 (0)
  2954. [28] : 0x2f (47)
  2955. [29] : 0x00 (0)
  2956. [30] : 0x73 (115)
  2957. [31] : 0x00 (0)
  2958. [32] : 0x76 (118)
  2959. [33] : 0x00 (0)
  2960. [34] : 0x63 (99)
  2961. [35] : 0x00 (0)
  2962. [36] : 0x63 (99)
  2963. [37] : 0x00 (0)
  2964. [38] : 0x74 (116)
  2965. [39] : 0x00 (0)
  2966. [40] : 0x6c (108)
  2967. [41] : 0x00 (0)
  2968. [42] : 0x2f (47)
  2969. [43] : 0x00 (0)
  2970. [44] : 0x73 (115)
  2971. [45] : 0x00 (0)
  2972. [46] : 0x6d (109)
  2973. [47] : 0x00 (0)
  2974. [48] : 0x62 (98)
  2975. [49] : 0x00 (0)
  2976. [50] : 0x64 (100)
  2977. [51] : 0x00 (0)
  2978. [52] : 0x00 (0)
  2979. [53] : 0x00 (0)
  2980. size : 0x00000036 (54)
  2981. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ImagePath]
  2982. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  2983. winreg_SetValue: struct winreg_SetValue
  2984. out: struct winreg_SetValue
  2985. result : WERR_OK
  2986. winreg_SetValue: struct winreg_SetValue
  2987. in: struct winreg_SetValue
  2988. handle : *
  2989. handle: struct policy_handle
  2990. handle_type : 0x00000001 (1)
  2991. uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
  2992. name: struct winreg_String
  2993. name_len : 0x0018 (24)
  2994. name_size : 0x0018 (24)
  2995. name : *
  2996. name : 'Description'
  2997. type : REG_SZ (1)
  2998. data : *
  2999. data: ARRAY(164)
  3000. [0] : 0x46 (70)
  3001. [1] : 0x00 (0)
  3002. [2] : 0x69 (105)
  3003. [3] : 0x00 (0)
  3004. [4] : 0x6c (108)
  3005. [5] : 0x00 (0)
  3006. [6] : 0x65 (101)
  3007. [7] : 0x00 (0)
  3008. [8] : 0x20 (32)
  3009. [9] : 0x00 (0)
  3010. [10] : 0x73 (115)
  3011. [11] : 0x00 (0)
  3012. [12] : 0x65 (101)
  3013. [13] : 0x00 (0)
  3014. [14] : 0x72 (114)
  3015. [15] : 0x00 (0)
  3016. [16] : 0x76 (118)
  3017. [17] : 0x00 (0)
  3018. [18] : 0x69 (105)
  3019. [19] : 0x00 (0)
  3020. [20] : 0x63 (99)
  3021. [21] : 0x00 (0)
  3022. [22] : 0x65 (101)
  3023. [23] : 0x00 (0)
  3024. [24] : 0x20 (32)
  3025. [25] : 0x00 (0)
  3026. [26] : 0x70 (112)
  3027. [27] : 0x00 (0)
  3028. [28] : 0x72 (114)
  3029. [29] : 0x00 (0)
  3030. [30] : 0x6f (111)
  3031. [31] : 0x00 (0)
  3032. [32] : 0x76 (118)
  3033. [33] : 0x00 (0)
  3034. [34] : 0x69 (105)
  3035. [35] : 0x00 (0)
  3036. [36] : 0x64 (100)
  3037. [37] : 0x00 (0)
  3038. [38] : 0x69 (105)
  3039. [39] : 0x00 (0)
  3040. [40] : 0x6e (110)
  3041. [41] : 0x00 (0)
  3042. [42] : 0x67 (103)
  3043. [43] : 0x00 (0)
  3044. [44] : 0x20 (32)
  3045. [45] : 0x00 (0)
  3046. [46] : 0x61 (97)
  3047. [47] : 0x00 (0)
  3048. [48] : 0x63 (99)
  3049. [49] : 0x00 (0)
  3050. [50] : 0x63 (99)
  3051. [51] : 0x00 (0)
  3052. [52] : 0x65 (101)
  3053. [53] : 0x00 (0)
  3054. [54] : 0x73 (115)
  3055. [55] : 0x00 (0)
  3056. [56] : 0x73 (115)
  3057. [57] : 0x00 (0)
  3058. [58] : 0x20 (32)
  3059. [59] : 0x00 (0)
  3060. [60] : 0x74 (116)
  3061. [61] : 0x00 (0)
  3062. [62] : 0x6f (111)
  3063. [63] : 0x00 (0)
  3064. [64] : 0x20 (32)
  3065. [65] : 0x00 (0)
  3066. [66] : 0x70 (112)
  3067. [67] : 0x00 (0)
  3068. [68] : 0x6f (111)
  3069. [69] : 0x00 (0)
  3070. [70] : 0x6c (108)
  3071. [71] : 0x00 (0)
  3072. [72] : 0x69 (105)
  3073. [73] : 0x00 (0)
  3074. [74] : 0x63 (99)
  3075. [75] : 0x00 (0)
  3076. [76] : 0x79 (121)
  3077. [77] : 0x00 (0)
  3078. [78] : 0x20 (32)
  3079. [79] : 0x00 (0)
  3080. [80] : 0x61 (97)
  3081. [81] : 0x00 (0)
  3082. [82] : 0x6e (110)
  3083. [83] : 0x00 (0)
  3084. [84] : 0x64 (100)
  3085. [85] : 0x00 (0)
  3086. [86] : 0x20 (32)
  3087. [87] : 0x00 (0)
  3088. [88] : 0x70 (112)
  3089. [89] : 0x00 (0)
  3090. [90] : 0x72 (114)
  3091. [91] : 0x00 (0)
  3092. [92] : 0x6f (111)
  3093. [93] : 0x00 (0)
  3094. [94] : 0x66 (102)
  3095. [95] : 0x00 (0)
  3096. [96] : 0x69 (105)
  3097. [97] : 0x00 (0)
  3098. [98] : 0x6c (108)
  3099. [99] : 0x00 (0)
  3100. [100] : 0x65 (101)
  3101. [101] : 0x00 (0)
  3102. [102] : 0x20 (32)
  3103. [103] : 0x00 (0)
  3104. [104] : 0x64 (100)
  3105. [105] : 0x00 (0)
  3106. [106] : 0x61 (97)
  3107. [107] : 0x00 (0)
  3108. [108] : 0x74 (116)
  3109. [109] : 0x00 (0)
  3110. [110] : 0x61 (97)
  3111. [111] : 0x00 (0)
  3112. [112] : 0x20 (32)
  3113. [113] : 0x00 (0)
  3114. [114] : 0x28 (40)
  3115. [115] : 0x00 (0)
  3116. [116] : 0x6e (110)
  3117. [117] : 0x00 (0)
  3118. [118] : 0x6f (111)
  3119. [119] : 0x00 (0)
  3120. [120] : 0x74 (116)
  3121. [121] : 0x00 (0)
  3122. [122] : 0x72 (114)
  3123. [123] : 0x00 (0)
  3124. [124] : 0x65 (101)
  3125. [125] : 0x00 (0)
  3126. [126] : 0x6d (109)
  3127. [127] : 0x00 (0)
  3128. [128] : 0x6f (111)
  3129. [129] : 0x00 (0)
  3130. [130] : 0x74 (116)
  3131. [131] : 0x00 (0)
  3132. [132] : 0x65 (101)
  3133. [133] : 0x00 (0)
  3134. [134] : 0x6c (108)
  3135. [135] : 0x00 (0)
  3136. [136] : 0x79 (121)
  3137. [137] : 0x00 (0)
  3138. [138] : 0x20 (32)
  3139. [139] : 0x00 (0)
  3140. [140] : 0x6d (109)
  3141. [141] : 0x00 (0)
  3142. [142] : 0x61 (97)
  3143. [143] : 0x00 (0)
  3144. [144] : 0x6e (110)
  3145. [145] : 0x00 (0)
  3146. [146] : 0x61 (97)
  3147. [147] : 0x00 (0)
  3148. [148] : 0x67 (103)
  3149. [149] : 0x00 (0)
  3150. [150] : 0x65 (101)
  3151. [151] : 0x00 (0)
  3152. [152] : 0x61 (97)
  3153. [153] : 0x00 (0)
  3154. [154] : 0x62 (98)
  3155. [155] : 0x00 (0)
  3156. [156] : 0x6c (108)
  3157. [157] : 0x00 (0)
  3158. [158] : 0x65 (101)
  3159. [159] : 0x00 (0)
  3160. [160] : 0x29 (41)
  3161. [161] : 0x00 (0)
  3162. [162] : 0x00 (0)
  3163. [163] : 0x00 (0)
  3164. size : 0x000000a4 (164)
  3165. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Description]
  3166. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3167. winreg_SetValue: struct winreg_SetValue
  3168. out: struct winreg_SetValue
  3169. result : WERR_OK
  3170. winreg_CloseKey: struct winreg_CloseKey
  3171. in: struct winreg_CloseKey
  3172. handle : *
  3173. handle: struct policy_handle
  3174. handle_type : 0x00000001 (1)
  3175. uuid : b08fa84b-3ba2-4563-a669-3ed545aea205
  3176. regdb_close: decrementing refcount (4->3)
  3177. winreg_CloseKey: struct winreg_CloseKey
  3178. out: struct winreg_CloseKey
  3179. handle : *
  3180. handle: struct policy_handle
  3181. handle_type : 0x00000000 (0)
  3182. uuid : 00000000-0000-0000-0000-000000000000
  3183. result : WERR_OK
  3184. winreg_CreateKey: struct winreg_CreateKey
  3185. in: struct winreg_CreateKey
  3186. handle : *
  3187. handle: struct policy_handle
  3188. handle_type : 0x00000001 (1)
  3189. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  3190. name: struct winreg_String
  3191. name_len : 0x0068 (104)
  3192. name_size : 0x0068 (104)
  3193. name : *
  3194. name : 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security'
  3195. keyclass: struct winreg_String
  3196. name_len : 0x0002 (2)
  3197. name_size : 0x0002 (2)
  3198. name : *
  3199. name : ''
  3200. options : 0x00000000 (0)
  3201. 0: REG_OPTION_VOLATILE
  3202. 0: REG_OPTION_CREATE_LINK
  3203. 0: REG_OPTION_BACKUP_RESTORE
  3204. 0: REG_OPTION_OPEN_LINK
  3205. access_mask : 0x02000000 (33554432)
  3206. 0: KEY_QUERY_VALUE
  3207. 0: KEY_SET_VALUE
  3208. 0: KEY_CREATE_SUB_KEY
  3209. 0: KEY_ENUMERATE_SUB_KEYS
  3210. 0: KEY_NOTIFY
  3211. 0: KEY_CREATE_LINK
  3212. 0: KEY_WOW64_64KEY
  3213. 0: KEY_WOW64_32KEY
  3214. secdesc : NULL
  3215. action_taken : *
  3216. action_taken : REG_OPENED_EXISTING_KEY (2)
  3217. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security'
  3218. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3219. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3220. regkey_open_onelevel: name = [SYSTEM]
  3221. regdb_open: incrementing refcount (3->4)
  3222. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  3223. pathtree_find: Enter [\HKLM\SYSTEM]
  3224. pathtree_find: Exit
  3225. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  3226. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3227. regkey_open_onelevel: name = [CurrentControlSet]
  3228. regdb_open: incrementing refcount (4->5)
  3229. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  3230. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  3231. pathtree_find: Exit
  3232. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  3233. regdb_close: decrementing refcount (5->4)
  3234. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3235. regkey_open_onelevel: name = [Services]
  3236. regdb_open: incrementing refcount (4->5)
  3237. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  3238. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  3239. pathtree_find: Exit
  3240. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  3241. regdb_close: decrementing refcount (5->4)
  3242. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3243. regkey_open_onelevel: name = [NETLOGON]
  3244. regdb_open: incrementing refcount (4->5)
  3245. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
  3246. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
  3247. pathtree_find: Exit
  3248. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON]
  3249. regdb_close: decrementing refcount (5->4)
  3250. regkey_open_onelevel: name = [Security]
  3251. regdb_open: incrementing refcount (4->5)
  3252. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security]
  3253. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security]
  3254. pathtree_find: Exit
  3255. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security]
  3256. regdb_close: decrementing refcount (5->4)
  3257. winreg_CreateKey: struct winreg_CreateKey
  3258. out: struct winreg_CreateKey
  3259. new_handle : *
  3260. new_handle: struct policy_handle
  3261. handle_type : 0x00000001 (1)
  3262. uuid : a0d187d6-bc57-4da8-8167-d52623ab4a1c
  3263. action_taken : *
  3264. action_taken : REG_OPENED_EXISTING_KEY (2)
  3265. result : WERR_OK
  3266. winreg_SetValue: struct winreg_SetValue
  3267. in: struct winreg_SetValue
  3268. handle : *
  3269. handle: struct policy_handle
  3270. handle_type : 0x00000001 (1)
  3271. uuid : a0d187d6-bc57-4da8-8167-d52623ab4a1c
  3272. name: struct winreg_String
  3273. name_len : 0x0012 (18)
  3274. name_size : 0x0012 (18)
  3275. name : *
  3276. name : 'Security'
  3277. type : REG_BINARY (3)
  3278. data : *
  3279. data: ARRAY(120)
  3280. [0] : 0x01 (1)
  3281. [1] : 0x00 (0)
  3282. [2] : 0x04 (4)
  3283. [3] : 0x80 (128)
  3284. [4] : 0x00 (0)
  3285. [5] : 0x00 (0)
  3286. [6] : 0x00 (0)
  3287. [7] : 0x00 (0)
  3288. [8] : 0x00 (0)
  3289. [9] : 0x00 (0)
  3290. [10] : 0x00 (0)
  3291. [11] : 0x00 (0)
  3292. [12] : 0x00 (0)
  3293. [13] : 0x00 (0)
  3294. [14] : 0x00 (0)
  3295. [15] : 0x00 (0)
  3296. [16] : 0x14 (20)
  3297. [17] : 0x00 (0)
  3298. [18] : 0x00 (0)
  3299. [19] : 0x00 (0)
  3300. [20] : 0x02 (2)
  3301. [21] : 0x00 (0)
  3302. [22] : 0x64 (100)
  3303. [23] : 0x00 (0)
  3304. [24] : 0x04 (4)
  3305. [25] : 0x00 (0)
  3306. [26] : 0x00 (0)
  3307. [27] : 0x00 (0)
  3308. [28] : 0x00 (0)
  3309. [29] : 0x00 (0)
  3310. [30] : 0x14 (20)
  3311. [31] : 0x00 (0)
  3312. [32] : 0x8d (141)
  3313. [33] : 0x01 (1)
  3314. [34] : 0x02 (2)
  3315. [35] : 0x00 (0)
  3316. [36] : 0x01 (1)
  3317. [37] : 0x01 (1)
  3318. [38] : 0x00 (0)
  3319. [39] : 0x00 (0)
  3320. [40] : 0x00 (0)
  3321. [41] : 0x00 (0)
  3322. [42] : 0x00 (0)
  3323. [43] : 0x01 (1)
  3324. [44] : 0x00 (0)
  3325. [45] : 0x00 (0)
  3326. [46] : 0x00 (0)
  3327. [47] : 0x00 (0)
  3328. [48] : 0x00 (0)
  3329. [49] : 0x00 (0)
  3330. [50] : 0x18 (24)
  3331. [51] : 0x00 (0)
  3332. [52] : 0xfd (253)
  3333. [53] : 0x01 (1)
  3334. [54] : 0x02 (2)
  3335. [55] : 0x00 (0)
  3336. [56] : 0x01 (1)
  3337. [57] : 0x02 (2)
  3338. [58] : 0x00 (0)
  3339. [59] : 0x00 (0)
  3340. [60] : 0x00 (0)
  3341. [61] : 0x00 (0)
  3342. [62] : 0x00 (0)
  3343. [63] : 0x05 (5)
  3344. [64] : 0x20 (32)
  3345. [65] : 0x00 (0)
  3346. [66] : 0x00 (0)
  3347. [67] : 0x00 (0)
  3348. [68] : 0x23 (35)
  3349. [69] : 0x02 (2)
  3350. [70] : 0x00 (0)
  3351. [71] : 0x00 (0)
  3352. [72] : 0x00 (0)
  3353. [73] : 0x00 (0)
  3354. [74] : 0x18 (24)
  3355. [75] : 0x00 (0)
  3356. [76] : 0xff (255)
  3357. [77] : 0x01 (1)
  3358. [78] : 0x0f (15)
  3359. [79] : 0x00 (0)
  3360. [80] : 0x01 (1)
  3361. [81] : 0x02 (2)
  3362. [82] : 0x00 (0)
  3363. [83] : 0x00 (0)
  3364. [84] : 0x00 (0)
  3365. [85] : 0x00 (0)
  3366. [86] : 0x00 (0)
  3367. [87] : 0x05 (5)
  3368. [88] : 0x20 (32)
  3369. [89] : 0x00 (0)
  3370. [90] : 0x00 (0)
  3371. [91] : 0x00 (0)
  3372. [92] : 0x25 (37)
  3373. [93] : 0x02 (2)
  3374. [94] : 0x00 (0)
  3375. [95] : 0x00 (0)
  3376. [96] : 0x00 (0)
  3377. [97] : 0x00 (0)
  3378. [98] : 0x18 (24)
  3379. [99] : 0x00 (0)
  3380. [100] : 0xff (255)
  3381. [101] : 0x01 (1)
  3382. [102] : 0x0f (15)
  3383. [103] : 0x00 (0)
  3384. [104] : 0x01 (1)
  3385. [105] : 0x02 (2)
  3386. [106] : 0x00 (0)
  3387. [107] : 0x00 (0)
  3388. [108] : 0x00 (0)
  3389. [109] : 0x00 (0)
  3390. [110] : 0x00 (0)
  3391. [111] : 0x05 (5)
  3392. [112] : 0x20 (32)
  3393. [113] : 0x00 (0)
  3394. [114] : 0x00 (0)
  3395. [115] : 0x00 (0)
  3396. [116] : 0x20 (32)
  3397. [117] : 0x02 (2)
  3398. [118] : 0x00 (0)
  3399. [119] : 0x00 (0)
  3400. size : 0x00000078 (120)
  3401. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security:Security]
  3402. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3403. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security' (ops 0xb6c0524c)
  3404. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security]
  3405. regdb_unpack_values: value[0]: name[Security] len[120]
  3406. winreg_SetValue: struct winreg_SetValue
  3407. out: struct winreg_SetValue
  3408. result : WERR_OK
  3409. winreg_CloseKey: struct winreg_CloseKey
  3410. in: struct winreg_CloseKey
  3411. handle : *
  3412. handle: struct policy_handle
  3413. handle_type : 0x00000001 (1)
  3414. uuid : a0d187d6-bc57-4da8-8167-d52623ab4a1c
  3415. regdb_close: decrementing refcount (4->3)
  3416. winreg_CloseKey: struct winreg_CloseKey
  3417. out: struct winreg_CloseKey
  3418. handle : *
  3419. handle: struct policy_handle
  3420. handle_type : 0x00000000 (0)
  3421. uuid : 00000000-0000-0000-0000-000000000000
  3422. result : WERR_OK
  3423. winreg_CreateKey: struct winreg_CreateKey
  3424. in: struct winreg_CreateKey
  3425. handle : *
  3426. handle: struct policy_handle
  3427. handle_type : 0x00000001 (1)
  3428. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  3429. name: struct winreg_String
  3430. name_len : 0x0062 (98)
  3431. name_size : 0x0062 (98)
  3432. name : *
  3433. name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry'
  3434. keyclass: struct winreg_String
  3435. name_len : 0x0002 (2)
  3436. name_size : 0x0002 (2)
  3437. name : *
  3438. name : ''
  3439. options : 0x00000000 (0)
  3440. 0: REG_OPTION_VOLATILE
  3441. 0: REG_OPTION_CREATE_LINK
  3442. 0: REG_OPTION_BACKUP_RESTORE
  3443. 0: REG_OPTION_OPEN_LINK
  3444. access_mask : 0x02000000 (33554432)
  3445. 0: KEY_QUERY_VALUE
  3446. 0: KEY_SET_VALUE
  3447. 0: KEY_CREATE_SUB_KEY
  3448. 0: KEY_ENUMERATE_SUB_KEYS
  3449. 0: KEY_NOTIFY
  3450. 0: KEY_CREATE_LINK
  3451. 0: KEY_WOW64_64KEY
  3452. 0: KEY_WOW64_32KEY
  3453. secdesc : NULL
  3454. action_taken : *
  3455. action_taken : REG_ACTION_NONE (0)
  3456. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry'
  3457. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3458. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3459. regkey_open_onelevel: name = [SYSTEM]
  3460. regdb_open: incrementing refcount (3->4)
  3461. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  3462. pathtree_find: Enter [\HKLM\SYSTEM]
  3463. pathtree_find: Exit
  3464. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  3465. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3466. regkey_open_onelevel: name = [CurrentControlSet]
  3467. regdb_open: incrementing refcount (4->5)
  3468. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  3469. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  3470. pathtree_find: Exit
  3471. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  3472. regdb_close: decrementing refcount (5->4)
  3473. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3474. regkey_open_onelevel: name = [Services]
  3475. regdb_open: incrementing refcount (4->5)
  3476. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  3477. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  3478. pathtree_find: Exit
  3479. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  3480. regdb_close: decrementing refcount (5->4)
  3481. regkey_open_onelevel: name = [RemoteRegistry]
  3482. regdb_open: incrementing refcount (4->5)
  3483. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
  3484. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
  3485. pathtree_find: Exit
  3486. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
  3487. regdb_close: decrementing refcount (5->4)
  3488. winreg_CreateKey: struct winreg_CreateKey
  3489. out: struct winreg_CreateKey
  3490. new_handle : *
  3491. new_handle: struct policy_handle
  3492. handle_type : 0x00000001 (1)
  3493. uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
  3494. action_taken : *
  3495. action_taken : REG_OPENED_EXISTING_KEY (2)
  3496. result : WERR_OK
  3497. winreg_SetValue: struct winreg_SetValue
  3498. in: struct winreg_SetValue
  3499. handle : *
  3500. handle: struct policy_handle
  3501. handle_type : 0x00000001 (1)
  3502. uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
  3503. name: struct winreg_String
  3504. name_len : 0x000c (12)
  3505. name_size : 0x000c (12)
  3506. name : *
  3507. name : 'Start'
  3508. type : REG_DWORD (4)
  3509. data : *
  3510. data: ARRAY(4)
  3511. [0] : 0x02 (2)
  3512. [1] : 0x00 (0)
  3513. [2] : 0x00 (0)
  3514. [3] : 0x00 (0)
  3515. size : 0x00000004 (4)
  3516. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Start]
  3517. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3518. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry' (ops 0xb6c0524c)
  3519. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
  3520. regdb_unpack_values: value[0]: name[Start] len[4]
  3521. regdb_unpack_values: value[1]: name[Type] len[4]
  3522. regdb_unpack_values: value[2]: name[ErrorControl] len[4]
  3523. regdb_unpack_values: value[3]: name[ObjectName] len[24]
  3524. regdb_unpack_values: value[4]: name[DisplayName] len[48]
  3525. regdb_unpack_values: value[5]: name[ImagePath] len[54]
  3526. regdb_unpack_values: value[6]: name[Description] len[126]
  3527. winreg_SetValue: struct winreg_SetValue
  3528. out: struct winreg_SetValue
  3529. result : WERR_OK
  3530. winreg_SetValue: struct winreg_SetValue
  3531. in: struct winreg_SetValue
  3532. handle : *
  3533. handle: struct policy_handle
  3534. handle_type : 0x00000001 (1)
  3535. uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
  3536. name: struct winreg_String
  3537. name_len : 0x000a (10)
  3538. name_size : 0x000a (10)
  3539. name : *
  3540. name : 'Type'
  3541. type : REG_DWORD (4)
  3542. data : *
  3543. data: ARRAY(4)
  3544. [0] : 0x10 (16)
  3545. [1] : 0x00 (0)
  3546. [2] : 0x00 (0)
  3547. [3] : 0x00 (0)
  3548. size : 0x00000004 (4)
  3549. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Type]
  3550. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3551. winreg_SetValue: struct winreg_SetValue
  3552. out: struct winreg_SetValue
  3553. result : WERR_OK
  3554. winreg_SetValue: struct winreg_SetValue
  3555. in: struct winreg_SetValue
  3556. handle : *
  3557. handle: struct policy_handle
  3558. handle_type : 0x00000001 (1)
  3559. uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
  3560. name: struct winreg_String
  3561. name_len : 0x001a (26)
  3562. name_size : 0x001a (26)
  3563. name : *
  3564. name : 'ErrorControl'
  3565. type : REG_DWORD (4)
  3566. data : *
  3567. data: ARRAY(4)
  3568. [0] : 0x01 (1)
  3569. [1] : 0x00 (0)
  3570. [2] : 0x00 (0)
  3571. [3] : 0x00 (0)
  3572. size : 0x00000004 (4)
  3573. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ErrorControl]
  3574. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3575. winreg_SetValue: struct winreg_SetValue
  3576. out: struct winreg_SetValue
  3577. result : WERR_OK
  3578. winreg_SetValue: struct winreg_SetValue
  3579. in: struct winreg_SetValue
  3580. handle : *
  3581. handle: struct policy_handle
  3582. handle_type : 0x00000001 (1)
  3583. uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
  3584. name: struct winreg_String
  3585. name_len : 0x0016 (22)
  3586. name_size : 0x0016 (22)
  3587. name : *
  3588. name : 'ObjectName'
  3589. type : REG_SZ (1)
  3590. data : *
  3591. data: ARRAY(24)
  3592. [0] : 0x4c (76)
  3593. [1] : 0x00 (0)
  3594. [2] : 0x6f (111)
  3595. [3] : 0x00 (0)
  3596. [4] : 0x63 (99)
  3597. [5] : 0x00 (0)
  3598. [6] : 0x61 (97)
  3599. [7] : 0x00 (0)
  3600. [8] : 0x6c (108)
  3601. [9] : 0x00 (0)
  3602. [10] : 0x53 (83)
  3603. [11] : 0x00 (0)
  3604. [12] : 0x79 (121)
  3605. [13] : 0x00 (0)
  3606. [14] : 0x73 (115)
  3607. [15] : 0x00 (0)
  3608. [16] : 0x74 (116)
  3609. [17] : 0x00 (0)
  3610. [18] : 0x65 (101)
  3611. [19] : 0x00 (0)
  3612. [20] : 0x6d (109)
  3613. [21] : 0x00 (0)
  3614. [22] : 0x00 (0)
  3615. [23] : 0x00 (0)
  3616. size : 0x00000018 (24)
  3617. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ObjectName]
  3618. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3619. winreg_SetValue: struct winreg_SetValue
  3620. out: struct winreg_SetValue
  3621. result : WERR_OK
  3622. winreg_SetValue: struct winreg_SetValue
  3623. in: struct winreg_SetValue
  3624. handle : *
  3625. handle: struct policy_handle
  3626. handle_type : 0x00000001 (1)
  3627. uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
  3628. name: struct winreg_String
  3629. name_len : 0x0018 (24)
  3630. name_size : 0x0018 (24)
  3631. name : *
  3632. name : 'DisplayName'
  3633. type : REG_SZ (1)
  3634. data : *
  3635. data: ARRAY(48)
  3636. [0] : 0x52 (82)
  3637. [1] : 0x00 (0)
  3638. [2] : 0x65 (101)
  3639. [3] : 0x00 (0)
  3640. [4] : 0x6d (109)
  3641. [5] : 0x00 (0)
  3642. [6] : 0x6f (111)
  3643. [7] : 0x00 (0)
  3644. [8] : 0x74 (116)
  3645. [9] : 0x00 (0)
  3646. [10] : 0x65 (101)
  3647. [11] : 0x00 (0)
  3648. [12] : 0x20 (32)
  3649. [13] : 0x00 (0)
  3650. [14] : 0x52 (82)
  3651. [15] : 0x00 (0)
  3652. [16] : 0x65 (101)
  3653. [17] : 0x00 (0)
  3654. [18] : 0x67 (103)
  3655. [19] : 0x00 (0)
  3656. [20] : 0x69 (105)
  3657. [21] : 0x00 (0)
  3658. [22] : 0x73 (115)
  3659. [23] : 0x00 (0)
  3660. [24] : 0x74 (116)
  3661. [25] : 0x00 (0)
  3662. [26] : 0x72 (114)
  3663. [27] : 0x00 (0)
  3664. [28] : 0x79 (121)
  3665. [29] : 0x00 (0)
  3666. [30] : 0x20 (32)
  3667. [31] : 0x00 (0)
  3668. [32] : 0x53 (83)
  3669. [33] : 0x00 (0)
  3670. [34] : 0x65 (101)
  3671. [35] : 0x00 (0)
  3672. [36] : 0x72 (114)
  3673. [37] : 0x00 (0)
  3674. [38] : 0x76 (118)
  3675. [39] : 0x00 (0)
  3676. [40] : 0x69 (105)
  3677. [41] : 0x00 (0)
  3678. [42] : 0x63 (99)
  3679. [43] : 0x00 (0)
  3680. [44] : 0x65 (101)
  3681. [45] : 0x00 (0)
  3682. [46] : 0x00 (0)
  3683. [47] : 0x00 (0)
  3684. size : 0x00000030 (48)
  3685. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:DisplayName]
  3686. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3687. winreg_SetValue: struct winreg_SetValue
  3688. out: struct winreg_SetValue
  3689. result : WERR_OK
  3690. winreg_SetValue: struct winreg_SetValue
  3691. in: struct winreg_SetValue
  3692. handle : *
  3693. handle: struct policy_handle
  3694. handle_type : 0x00000001 (1)
  3695. uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
  3696. name: struct winreg_String
  3697. name_len : 0x0014 (20)
  3698. name_size : 0x0014 (20)
  3699. name : *
  3700. name : 'ImagePath'
  3701. type : REG_SZ (1)
  3702. data : *
  3703. data: ARRAY(54)
  3704. [0] : 0x2f (47)
  3705. [1] : 0x00 (0)
  3706. [2] : 0x75 (117)
  3707. [3] : 0x00 (0)
  3708. [4] : 0x73 (115)
  3709. [5] : 0x00 (0)
  3710. [6] : 0x72 (114)
  3711. [7] : 0x00 (0)
  3712. [8] : 0x2f (47)
  3713. [9] : 0x00 (0)
  3714. [10] : 0x6c (108)
  3715. [11] : 0x00 (0)
  3716. [12] : 0x69 (105)
  3717. [13] : 0x00 (0)
  3718. [14] : 0x62 (98)
  3719. [15] : 0x00 (0)
  3720. [16] : 0x2f (47)
  3721. [17] : 0x00 (0)
  3722. [18] : 0x73 (115)
  3723. [19] : 0x00 (0)
  3724. [20] : 0x61 (97)
  3725. [21] : 0x00 (0)
  3726. [22] : 0x6d (109)
  3727. [23] : 0x00 (0)
  3728. [24] : 0x62 (98)
  3729. [25] : 0x00 (0)
  3730. [26] : 0x61 (97)
  3731. [27] : 0x00 (0)
  3732. [28] : 0x2f (47)
  3733. [29] : 0x00 (0)
  3734. [30] : 0x73 (115)
  3735. [31] : 0x00 (0)
  3736. [32] : 0x76 (118)
  3737. [33] : 0x00 (0)
  3738. [34] : 0x63 (99)
  3739. [35] : 0x00 (0)
  3740. [36] : 0x63 (99)
  3741. [37] : 0x00 (0)
  3742. [38] : 0x74 (116)
  3743. [39] : 0x00 (0)
  3744. [40] : 0x6c (108)
  3745. [41] : 0x00 (0)
  3746. [42] : 0x2f (47)
  3747. [43] : 0x00 (0)
  3748. [44] : 0x73 (115)
  3749. [45] : 0x00 (0)
  3750. [46] : 0x6d (109)
  3751. [47] : 0x00 (0)
  3752. [48] : 0x62 (98)
  3753. [49] : 0x00 (0)
  3754. [50] : 0x64 (100)
  3755. [51] : 0x00 (0)
  3756. [52] : 0x00 (0)
  3757. [53] : 0x00 (0)
  3758. size : 0x00000036 (54)
  3759. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ImagePath]
  3760. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3761. winreg_SetValue: struct winreg_SetValue
  3762. out: struct winreg_SetValue
  3763. result : WERR_OK
  3764. winreg_SetValue: struct winreg_SetValue
  3765. in: struct winreg_SetValue
  3766. handle : *
  3767. handle: struct policy_handle
  3768. handle_type : 0x00000001 (1)
  3769. uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
  3770. name: struct winreg_String
  3771. name_len : 0x0018 (24)
  3772. name_size : 0x0018 (24)
  3773. name : *
  3774. name : 'Description'
  3775. type : REG_SZ (1)
  3776. data : *
  3777. data: ARRAY(126)
  3778. [0] : 0x49 (73)
  3779. [1] : 0x00 (0)
  3780. [2] : 0x6e (110)
  3781. [3] : 0x00 (0)
  3782. [4] : 0x74 (116)
  3783. [5] : 0x00 (0)
  3784. [6] : 0x65 (101)
  3785. [7] : 0x00 (0)
  3786. [8] : 0x72 (114)
  3787. [9] : 0x00 (0)
  3788. [10] : 0x6e (110)
  3789. [11] : 0x00 (0)
  3790. [12] : 0x61 (97)
  3791. [13] : 0x00 (0)
  3792. [14] : 0x6c (108)
  3793. [15] : 0x00 (0)
  3794. [16] : 0x20 (32)
  3795. [17] : 0x00 (0)
  3796. [18] : 0x73 (115)
  3797. [19] : 0x00 (0)
  3798. [20] : 0x65 (101)
  3799. [21] : 0x00 (0)
  3800. [22] : 0x72 (114)
  3801. [23] : 0x00 (0)
  3802. [24] : 0x76 (118)
  3803. [25] : 0x00 (0)
  3804. [26] : 0x69 (105)
  3805. [27] : 0x00 (0)
  3806. [28] : 0x63 (99)
  3807. [29] : 0x00 (0)
  3808. [30] : 0x65 (101)
  3809. [31] : 0x00 (0)
  3810. [32] : 0x20 (32)
  3811. [33] : 0x00 (0)
  3812. [34] : 0x70 (112)
  3813. [35] : 0x00 (0)
  3814. [36] : 0x72 (114)
  3815. [37] : 0x00 (0)
  3816. [38] : 0x6f (111)
  3817. [39] : 0x00 (0)
  3818. [40] : 0x76 (118)
  3819. [41] : 0x00 (0)
  3820. [42] : 0x69 (105)
  3821. [43] : 0x00 (0)
  3822. [44] : 0x64 (100)
  3823. [45] : 0x00 (0)
  3824. [46] : 0x69 (105)
  3825. [47] : 0x00 (0)
  3826. [48] : 0x6e (110)
  3827. [49] : 0x00 (0)
  3828. [50] : 0x67 (103)
  3829. [51] : 0x00 (0)
  3830. [52] : 0x20 (32)
  3831. [53] : 0x00 (0)
  3832. [54] : 0x72 (114)
  3833. [55] : 0x00 (0)
  3834. [56] : 0x65 (101)
  3835. [57] : 0x00 (0)
  3836. [58] : 0x6d (109)
  3837. [59] : 0x00 (0)
  3838. [60] : 0x6f (111)
  3839. [61] : 0x00 (0)
  3840. [62] : 0x74 (116)
  3841. [63] : 0x00 (0)
  3842. [64] : 0x65 (101)
  3843. [65] : 0x00 (0)
  3844. [66] : 0x20 (32)
  3845. [67] : 0x00 (0)
  3846. [68] : 0x61 (97)
  3847. [69] : 0x00 (0)
  3848. [70] : 0x63 (99)
  3849. [71] : 0x00 (0)
  3850. [72] : 0x63 (99)
  3851. [73] : 0x00 (0)
  3852. [74] : 0x65 (101)
  3853. [75] : 0x00 (0)
  3854. [76] : 0x73 (115)
  3855. [77] : 0x00 (0)
  3856. [78] : 0x73 (115)
  3857. [79] : 0x00 (0)
  3858. [80] : 0x20 (32)
  3859. [81] : 0x00 (0)
  3860. [82] : 0x74 (116)
  3861. [83] : 0x00 (0)
  3862. [84] : 0x6f (111)
  3863. [85] : 0x00 (0)
  3864. [86] : 0x20 (32)
  3865. [87] : 0x00 (0)
  3866. [88] : 0x74 (116)
  3867. [89] : 0x00 (0)
  3868. [90] : 0x68 (104)
  3869. [91] : 0x00 (0)
  3870. [92] : 0x65 (101)
  3871. [93] : 0x00 (0)
  3872. [94] : 0x20 (32)
  3873. [95] : 0x00 (0)
  3874. [96] : 0x53 (83)
  3875. [97] : 0x00 (0)
  3876. [98] : 0x61 (97)
  3877. [99] : 0x00 (0)
  3878. [100] : 0x6d (109)
  3879. [101] : 0x00 (0)
  3880. [102] : 0x62 (98)
  3881. [103] : 0x00 (0)
  3882. [104] : 0x61 (97)
  3883. [105] : 0x00 (0)
  3884. [106] : 0x20 (32)
  3885. [107] : 0x00 (0)
  3886. [108] : 0x72 (114)
  3887. [109] : 0x00 (0)
  3888. [110] : 0x65 (101)
  3889. [111] : 0x00 (0)
  3890. [112] : 0x67 (103)
  3891. [113] : 0x00 (0)
  3892. [114] : 0x69 (105)
  3893. [115] : 0x00 (0)
  3894. [116] : 0x73 (115)
  3895. [117] : 0x00 (0)
  3896. [118] : 0x74 (116)
  3897. [119] : 0x00 (0)
  3898. [120] : 0x72 (114)
  3899. [121] : 0x00 (0)
  3900. [122] : 0x79 (121)
  3901. [123] : 0x00 (0)
  3902. [124] : 0x00 (0)
  3903. [125] : 0x00 (0)
  3904. size : 0x0000007e (126)
  3905. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Description]
  3906. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3907. winreg_SetValue: struct winreg_SetValue
  3908. out: struct winreg_SetValue
  3909. result : WERR_OK
  3910. winreg_CloseKey: struct winreg_CloseKey
  3911. in: struct winreg_CloseKey
  3912. handle : *
  3913. handle: struct policy_handle
  3914. handle_type : 0x00000001 (1)
  3915. uuid : 14ec8079-5177-43ca-b7a4-5f687aa7839a
  3916. regdb_close: decrementing refcount (4->3)
  3917. winreg_CloseKey: struct winreg_CloseKey
  3918. out: struct winreg_CloseKey
  3919. handle : *
  3920. handle: struct policy_handle
  3921. handle_type : 0x00000000 (0)
  3922. uuid : 00000000-0000-0000-0000-000000000000
  3923. result : WERR_OK
  3924. winreg_CreateKey: struct winreg_CreateKey
  3925. in: struct winreg_CreateKey
  3926. handle : *
  3927. handle: struct policy_handle
  3928. handle_type : 0x00000001 (1)
  3929. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  3930. name: struct winreg_String
  3931. name_len : 0x0074 (116)
  3932. name_size : 0x0074 (116)
  3933. name : *
  3934. name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security'
  3935. keyclass: struct winreg_String
  3936. name_len : 0x0002 (2)
  3937. name_size : 0x0002 (2)
  3938. name : *
  3939. name : ''
  3940. options : 0x00000000 (0)
  3941. 0: REG_OPTION_VOLATILE
  3942. 0: REG_OPTION_CREATE_LINK
  3943. 0: REG_OPTION_BACKUP_RESTORE
  3944. 0: REG_OPTION_OPEN_LINK
  3945. access_mask : 0x02000000 (33554432)
  3946. 0: KEY_QUERY_VALUE
  3947. 0: KEY_SET_VALUE
  3948. 0: KEY_CREATE_SUB_KEY
  3949. 0: KEY_ENUMERATE_SUB_KEYS
  3950. 0: KEY_NOTIFY
  3951. 0: KEY_CREATE_LINK
  3952. 0: KEY_WOW64_64KEY
  3953. 0: KEY_WOW64_32KEY
  3954. secdesc : NULL
  3955. action_taken : *
  3956. action_taken : REG_OPENED_EXISTING_KEY (2)
  3957. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security'
  3958. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  3959. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3960. regkey_open_onelevel: name = [SYSTEM]
  3961. regdb_open: incrementing refcount (3->4)
  3962. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  3963. pathtree_find: Enter [\HKLM\SYSTEM]
  3964. pathtree_find: Exit
  3965. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  3966. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3967. regkey_open_onelevel: name = [CurrentControlSet]
  3968. regdb_open: incrementing refcount (4->5)
  3969. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  3970. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  3971. pathtree_find: Exit
  3972. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  3973. regdb_close: decrementing refcount (5->4)
  3974. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3975. regkey_open_onelevel: name = [Services]
  3976. regdb_open: incrementing refcount (4->5)
  3977. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  3978. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  3979. pathtree_find: Exit
  3980. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  3981. regdb_close: decrementing refcount (5->4)
  3982. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  3983. regkey_open_onelevel: name = [RemoteRegistry]
  3984. regdb_open: incrementing refcount (4->5)
  3985. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
  3986. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
  3987. pathtree_find: Exit
  3988. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
  3989. regdb_close: decrementing refcount (5->4)
  3990. regkey_open_onelevel: name = [Security]
  3991. regdb_open: incrementing refcount (4->5)
  3992. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
  3993. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
  3994. pathtree_find: Exit
  3995. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
  3996. regdb_close: decrementing refcount (5->4)
  3997. winreg_CreateKey: struct winreg_CreateKey
  3998. out: struct winreg_CreateKey
  3999. new_handle : *
  4000. new_handle: struct policy_handle
  4001. handle_type : 0x00000001 (1)
  4002. uuid : 1b5e22c6-3579-4395-9c32-2af87b3e54ad
  4003. action_taken : *
  4004. action_taken : REG_OPENED_EXISTING_KEY (2)
  4005. result : WERR_OK
  4006. winreg_SetValue: struct winreg_SetValue
  4007. in: struct winreg_SetValue
  4008. handle : *
  4009. handle: struct policy_handle
  4010. handle_type : 0x00000001 (1)
  4011. uuid : 1b5e22c6-3579-4395-9c32-2af87b3e54ad
  4012. name: struct winreg_String
  4013. name_len : 0x0012 (18)
  4014. name_size : 0x0012 (18)
  4015. name : *
  4016. name : 'Security'
  4017. type : REG_BINARY (3)
  4018. data : *
  4019. data: ARRAY(120)
  4020. [0] : 0x01 (1)
  4021. [1] : 0x00 (0)
  4022. [2] : 0x04 (4)
  4023. [3] : 0x80 (128)
  4024. [4] : 0x00 (0)
  4025. [5] : 0x00 (0)
  4026. [6] : 0x00 (0)
  4027. [7] : 0x00 (0)
  4028. [8] : 0x00 (0)
  4029. [9] : 0x00 (0)
  4030. [10] : 0x00 (0)
  4031. [11] : 0x00 (0)
  4032. [12] : 0x00 (0)
  4033. [13] : 0x00 (0)
  4034. [14] : 0x00 (0)
  4035. [15] : 0x00 (0)
  4036. [16] : 0x14 (20)
  4037. [17] : 0x00 (0)
  4038. [18] : 0x00 (0)
  4039. [19] : 0x00 (0)
  4040. [20] : 0x02 (2)
  4041. [21] : 0x00 (0)
  4042. [22] : 0x64 (100)
  4043. [23] : 0x00 (0)
  4044. [24] : 0x04 (4)
  4045. [25] : 0x00 (0)
  4046. [26] : 0x00 (0)
  4047. [27] : 0x00 (0)
  4048. [28] : 0x00 (0)
  4049. [29] : 0x00 (0)
  4050. [30] : 0x14 (20)
  4051. [31] : 0x00 (0)
  4052. [32] : 0x8d (141)
  4053. [33] : 0x01 (1)
  4054. [34] : 0x02 (2)
  4055. [35] : 0x00 (0)
  4056. [36] : 0x01 (1)
  4057. [37] : 0x01 (1)
  4058. [38] : 0x00 (0)
  4059. [39] : 0x00 (0)
  4060. [40] : 0x00 (0)
  4061. [41] : 0x00 (0)
  4062. [42] : 0x00 (0)
  4063. [43] : 0x01 (1)
  4064. [44] : 0x00 (0)
  4065. [45] : 0x00 (0)
  4066. [46] : 0x00 (0)
  4067. [47] : 0x00 (0)
  4068. [48] : 0x00 (0)
  4069. [49] : 0x00 (0)
  4070. [50] : 0x18 (24)
  4071. [51] : 0x00 (0)
  4072. [52] : 0xfd (253)
  4073. [53] : 0x01 (1)
  4074. [54] : 0x02 (2)
  4075. [55] : 0x00 (0)
  4076. [56] : 0x01 (1)
  4077. [57] : 0x02 (2)
  4078. [58] : 0x00 (0)
  4079. [59] : 0x00 (0)
  4080. [60] : 0x00 (0)
  4081. [61] : 0x00 (0)
  4082. [62] : 0x00 (0)
  4083. [63] : 0x05 (5)
  4084. [64] : 0x20 (32)
  4085. [65] : 0x00 (0)
  4086. [66] : 0x00 (0)
  4087. [67] : 0x00 (0)
  4088. [68] : 0x23 (35)
  4089. [69] : 0x02 (2)
  4090. [70] : 0x00 (0)
  4091. [71] : 0x00 (0)
  4092. [72] : 0x00 (0)
  4093. [73] : 0x00 (0)
  4094. [74] : 0x18 (24)
  4095. [75] : 0x00 (0)
  4096. [76] : 0xff (255)
  4097. [77] : 0x01 (1)
  4098. [78] : 0x0f (15)
  4099. [79] : 0x00 (0)
  4100. [80] : 0x01 (1)
  4101. [81] : 0x02 (2)
  4102. [82] : 0x00 (0)
  4103. [83] : 0x00 (0)
  4104. [84] : 0x00 (0)
  4105. [85] : 0x00 (0)
  4106. [86] : 0x00 (0)
  4107. [87] : 0x05 (5)
  4108. [88] : 0x20 (32)
  4109. [89] : 0x00 (0)
  4110. [90] : 0x00 (0)
  4111. [91] : 0x00 (0)
  4112. [92] : 0x25 (37)
  4113. [93] : 0x02 (2)
  4114. [94] : 0x00 (0)
  4115. [95] : 0x00 (0)
  4116. [96] : 0x00 (0)
  4117. [97] : 0x00 (0)
  4118. [98] : 0x18 (24)
  4119. [99] : 0x00 (0)
  4120. [100] : 0xff (255)
  4121. [101] : 0x01 (1)
  4122. [102] : 0x0f (15)
  4123. [103] : 0x00 (0)
  4124. [104] : 0x01 (1)
  4125. [105] : 0x02 (2)
  4126. [106] : 0x00 (0)
  4127. [107] : 0x00 (0)
  4128. [108] : 0x00 (0)
  4129. [109] : 0x00 (0)
  4130. [110] : 0x00 (0)
  4131. [111] : 0x05 (5)
  4132. [112] : 0x20 (32)
  4133. [113] : 0x00 (0)
  4134. [114] : 0x00 (0)
  4135. [115] : 0x00 (0)
  4136. [116] : 0x20 (32)
  4137. [117] : 0x02 (2)
  4138. [118] : 0x00 (0)
  4139. [119] : 0x00 (0)
  4140. size : 0x00000078 (120)
  4141. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security:Security]
  4142. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4143. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' (ops 0xb6c0524c)
  4144. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
  4145. regdb_unpack_values: value[0]: name[Security] len[120]
  4146. winreg_SetValue: struct winreg_SetValue
  4147. out: struct winreg_SetValue
  4148. result : WERR_OK
  4149. winreg_CloseKey: struct winreg_CloseKey
  4150. in: struct winreg_CloseKey
  4151. handle : *
  4152. handle: struct policy_handle
  4153. handle_type : 0x00000001 (1)
  4154. uuid : 1b5e22c6-3579-4395-9c32-2af87b3e54ad
  4155. regdb_close: decrementing refcount (4->3)
  4156. winreg_CloseKey: struct winreg_CloseKey
  4157. out: struct winreg_CloseKey
  4158. handle : *
  4159. handle: struct policy_handle
  4160. handle_type : 0x00000000 (0)
  4161. uuid : 00000000-0000-0000-0000-000000000000
  4162. result : WERR_OK
  4163. winreg_CreateKey: struct winreg_CreateKey
  4164. in: struct winreg_CreateKey
  4165. handle : *
  4166. handle: struct policy_handle
  4167. handle_type : 0x00000001 (1)
  4168. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  4169. name: struct winreg_String
  4170. name_len : 0x004e (78)
  4171. name_size : 0x004e (78)
  4172. name : *
  4173. name : 'SYSTEM\CurrentControlSet\Services\WINS'
  4174. keyclass: struct winreg_String
  4175. name_len : 0x0002 (2)
  4176. name_size : 0x0002 (2)
  4177. name : *
  4178. name : ''
  4179. options : 0x00000000 (0)
  4180. 0: REG_OPTION_VOLATILE
  4181. 0: REG_OPTION_CREATE_LINK
  4182. 0: REG_OPTION_BACKUP_RESTORE
  4183. 0: REG_OPTION_OPEN_LINK
  4184. access_mask : 0x02000000 (33554432)
  4185. 0: KEY_QUERY_VALUE
  4186. 0: KEY_SET_VALUE
  4187. 0: KEY_CREATE_SUB_KEY
  4188. 0: KEY_ENUMERATE_SUB_KEYS
  4189. 0: KEY_NOTIFY
  4190. 0: KEY_CREATE_LINK
  4191. 0: KEY_WOW64_64KEY
  4192. 0: KEY_WOW64_32KEY
  4193. secdesc : NULL
  4194. action_taken : *
  4195. action_taken : REG_ACTION_NONE (0)
  4196. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS'
  4197. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4198. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  4199. regkey_open_onelevel: name = [SYSTEM]
  4200. regdb_open: incrementing refcount (3->4)
  4201. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  4202. pathtree_find: Enter [\HKLM\SYSTEM]
  4203. pathtree_find: Exit
  4204. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  4205. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  4206. regkey_open_onelevel: name = [CurrentControlSet]
  4207. regdb_open: incrementing refcount (4->5)
  4208. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  4209. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  4210. pathtree_find: Exit
  4211. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  4212. regdb_close: decrementing refcount (5->4)
  4213. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  4214. regkey_open_onelevel: name = [Services]
  4215. regdb_open: incrementing refcount (4->5)
  4216. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  4217. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  4218. pathtree_find: Exit
  4219. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  4220. regdb_close: decrementing refcount (5->4)
  4221. regkey_open_onelevel: name = [WINS]
  4222. regdb_open: incrementing refcount (4->5)
  4223. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
  4224. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
  4225. pathtree_find: Exit
  4226. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
  4227. regdb_close: decrementing refcount (5->4)
  4228. winreg_CreateKey: struct winreg_CreateKey
  4229. out: struct winreg_CreateKey
  4230. new_handle : *
  4231. new_handle: struct policy_handle
  4232. handle_type : 0x00000001 (1)
  4233. uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
  4234. action_taken : *
  4235. action_taken : REG_OPENED_EXISTING_KEY (2)
  4236. result : WERR_OK
  4237. winreg_SetValue: struct winreg_SetValue
  4238. in: struct winreg_SetValue
  4239. handle : *
  4240. handle: struct policy_handle
  4241. handle_type : 0x00000001 (1)
  4242. uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
  4243. name: struct winreg_String
  4244. name_len : 0x000c (12)
  4245. name_size : 0x000c (12)
  4246. name : *
  4247. name : 'Start'
  4248. type : REG_DWORD (4)
  4249. data : *
  4250. data: ARRAY(4)
  4251. [0] : 0x02 (2)
  4252. [1] : 0x00 (0)
  4253. [2] : 0x00 (0)
  4254. [3] : 0x00 (0)
  4255. size : 0x00000004 (4)
  4256. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Start]
  4257. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4258. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS' (ops 0xb6c0524c)
  4259. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS]
  4260. regdb_unpack_values: value[0]: name[Start] len[4]
  4261. regdb_unpack_values: value[1]: name[Type] len[4]
  4262. regdb_unpack_values: value[2]: name[ErrorControl] len[4]
  4263. regdb_unpack_values: value[3]: name[ObjectName] len[24]
  4264. regdb_unpack_values: value[4]: name[DisplayName] len[74]
  4265. regdb_unpack_values: value[5]: name[ImagePath] len[54]
  4266. regdb_unpack_values: value[6]: name[Description] len[178]
  4267. winreg_SetValue: struct winreg_SetValue
  4268. out: struct winreg_SetValue
  4269. result : WERR_OK
  4270. winreg_SetValue: struct winreg_SetValue
  4271. in: struct winreg_SetValue
  4272. handle : *
  4273. handle: struct policy_handle
  4274. handle_type : 0x00000001 (1)
  4275. uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
  4276. name: struct winreg_String
  4277. name_len : 0x000a (10)
  4278. name_size : 0x000a (10)
  4279. name : *
  4280. name : 'Type'
  4281. type : REG_DWORD (4)
  4282. data : *
  4283. data: ARRAY(4)
  4284. [0] : 0x10 (16)
  4285. [1] : 0x00 (0)
  4286. [2] : 0x00 (0)
  4287. [3] : 0x00 (0)
  4288. size : 0x00000004 (4)
  4289. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Type]
  4290. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4291. winreg_SetValue: struct winreg_SetValue
  4292. out: struct winreg_SetValue
  4293. result : WERR_OK
  4294. winreg_SetValue: struct winreg_SetValue
  4295. in: struct winreg_SetValue
  4296. handle : *
  4297. handle: struct policy_handle
  4298. handle_type : 0x00000001 (1)
  4299. uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
  4300. name: struct winreg_String
  4301. name_len : 0x001a (26)
  4302. name_size : 0x001a (26)
  4303. name : *
  4304. name : 'ErrorControl'
  4305. type : REG_DWORD (4)
  4306. data : *
  4307. data: ARRAY(4)
  4308. [0] : 0x01 (1)
  4309. [1] : 0x00 (0)
  4310. [2] : 0x00 (0)
  4311. [3] : 0x00 (0)
  4312. size : 0x00000004 (4)
  4313. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ErrorControl]
  4314. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4315. winreg_SetValue: struct winreg_SetValue
  4316. out: struct winreg_SetValue
  4317. result : WERR_OK
  4318. winreg_SetValue: struct winreg_SetValue
  4319. in: struct winreg_SetValue
  4320. handle : *
  4321. handle: struct policy_handle
  4322. handle_type : 0x00000001 (1)
  4323. uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
  4324. name: struct winreg_String
  4325. name_len : 0x0016 (22)
  4326. name_size : 0x0016 (22)
  4327. name : *
  4328. name : 'ObjectName'
  4329. type : REG_SZ (1)
  4330. data : *
  4331. data: ARRAY(24)
  4332. [0] : 0x4c (76)
  4333. [1] : 0x00 (0)
  4334. [2] : 0x6f (111)
  4335. [3] : 0x00 (0)
  4336. [4] : 0x63 (99)
  4337. [5] : 0x00 (0)
  4338. [6] : 0x61 (97)
  4339. [7] : 0x00 (0)
  4340. [8] : 0x6c (108)
  4341. [9] : 0x00 (0)
  4342. [10] : 0x53 (83)
  4343. [11] : 0x00 (0)
  4344. [12] : 0x79 (121)
  4345. [13] : 0x00 (0)
  4346. [14] : 0x73 (115)
  4347. [15] : 0x00 (0)
  4348. [16] : 0x74 (116)
  4349. [17] : 0x00 (0)
  4350. [18] : 0x65 (101)
  4351. [19] : 0x00 (0)
  4352. [20] : 0x6d (109)
  4353. [21] : 0x00 (0)
  4354. [22] : 0x00 (0)
  4355. [23] : 0x00 (0)
  4356. size : 0x00000018 (24)
  4357. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ObjectName]
  4358. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4359. winreg_SetValue: struct winreg_SetValue
  4360. out: struct winreg_SetValue
  4361. result : WERR_OK
  4362. winreg_SetValue: struct winreg_SetValue
  4363. in: struct winreg_SetValue
  4364. handle : *
  4365. handle: struct policy_handle
  4366. handle_type : 0x00000001 (1)
  4367. uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
  4368. name: struct winreg_String
  4369. name_len : 0x0018 (24)
  4370. name_size : 0x0018 (24)
  4371. name : *
  4372. name : 'DisplayName'
  4373. type : REG_SZ (1)
  4374. data : *
  4375. data: ARRAY(74)
  4376. [0] : 0x57 (87)
  4377. [1] : 0x00 (0)
  4378. [2] : 0x69 (105)
  4379. [3] : 0x00 (0)
  4380. [4] : 0x6e (110)
  4381. [5] : 0x00 (0)
  4382. [6] : 0x64 (100)
  4383. [7] : 0x00 (0)
  4384. [8] : 0x6f (111)
  4385. [9] : 0x00 (0)
  4386. [10] : 0x77 (119)
  4387. [11] : 0x00 (0)
  4388. [12] : 0x73 (115)
  4389. [13] : 0x00 (0)
  4390. [14] : 0x20 (32)
  4391. [15] : 0x00 (0)
  4392. [16] : 0x49 (73)
  4393. [17] : 0x00 (0)
  4394. [18] : 0x6e (110)
  4395. [19] : 0x00 (0)
  4396. [20] : 0x74 (116)
  4397. [21] : 0x00 (0)
  4398. [22] : 0x65 (101)
  4399. [23] : 0x00 (0)
  4400. [24] : 0x72 (114)
  4401. [25] : 0x00 (0)
  4402. [26] : 0x6e (110)
  4403. [27] : 0x00 (0)
  4404. [28] : 0x65 (101)
  4405. [29] : 0x00 (0)
  4406. [30] : 0x74 (116)
  4407. [31] : 0x00 (0)
  4408. [32] : 0x20 (32)
  4409. [33] : 0x00 (0)
  4410. [34] : 0x4e (78)
  4411. [35] : 0x00 (0)
  4412. [36] : 0x61 (97)
  4413. [37] : 0x00 (0)
  4414. [38] : 0x6d (109)
  4415. [39] : 0x00 (0)
  4416. [40] : 0x65 (101)
  4417. [41] : 0x00 (0)
  4418. [42] : 0x20 (32)
  4419. [43] : 0x00 (0)
  4420. [44] : 0x53 (83)
  4421. [45] : 0x00 (0)
  4422. [46] : 0x65 (101)
  4423. [47] : 0x00 (0)
  4424. [48] : 0x72 (114)
  4425. [49] : 0x00 (0)
  4426. [50] : 0x76 (118)
  4427. [51] : 0x00 (0)
  4428. [52] : 0x69 (105)
  4429. [53] : 0x00 (0)
  4430. [54] : 0x63 (99)
  4431. [55] : 0x00 (0)
  4432. [56] : 0x65 (101)
  4433. [57] : 0x00 (0)
  4434. [58] : 0x20 (32)
  4435. [59] : 0x00 (0)
  4436. [60] : 0x28 (40)
  4437. [61] : 0x00 (0)
  4438. [62] : 0x57 (87)
  4439. [63] : 0x00 (0)
  4440. [64] : 0x49 (73)
  4441. [65] : 0x00 (0)
  4442. [66] : 0x4e (78)
  4443. [67] : 0x00 (0)
  4444. [68] : 0x53 (83)
  4445. [69] : 0x00 (0)
  4446. [70] : 0x29 (41)
  4447. [71] : 0x00 (0)
  4448. [72] : 0x00 (0)
  4449. [73] : 0x00 (0)
  4450. size : 0x0000004a (74)
  4451. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:DisplayName]
  4452. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4453. winreg_SetValue: struct winreg_SetValue
  4454. out: struct winreg_SetValue
  4455. result : WERR_OK
  4456. winreg_SetValue: struct winreg_SetValue
  4457. in: struct winreg_SetValue
  4458. handle : *
  4459. handle: struct policy_handle
  4460. handle_type : 0x00000001 (1)
  4461. uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
  4462. name: struct winreg_String
  4463. name_len : 0x0014 (20)
  4464. name_size : 0x0014 (20)
  4465. name : *
  4466. name : 'ImagePath'
  4467. type : REG_SZ (1)
  4468. data : *
  4469. data: ARRAY(54)
  4470. [0] : 0x2f (47)
  4471. [1] : 0x00 (0)
  4472. [2] : 0x75 (117)
  4473. [3] : 0x00 (0)
  4474. [4] : 0x73 (115)
  4475. [5] : 0x00 (0)
  4476. [6] : 0x72 (114)
  4477. [7] : 0x00 (0)
  4478. [8] : 0x2f (47)
  4479. [9] : 0x00 (0)
  4480. [10] : 0x6c (108)
  4481. [11] : 0x00 (0)
  4482. [12] : 0x69 (105)
  4483. [13] : 0x00 (0)
  4484. [14] : 0x62 (98)
  4485. [15] : 0x00 (0)
  4486. [16] : 0x2f (47)
  4487. [17] : 0x00 (0)
  4488. [18] : 0x73 (115)
  4489. [19] : 0x00 (0)
  4490. [20] : 0x61 (97)
  4491. [21] : 0x00 (0)
  4492. [22] : 0x6d (109)
  4493. [23] : 0x00 (0)
  4494. [24] : 0x62 (98)
  4495. [25] : 0x00 (0)
  4496. [26] : 0x61 (97)
  4497. [27] : 0x00 (0)
  4498. [28] : 0x2f (47)
  4499. [29] : 0x00 (0)
  4500. [30] : 0x73 (115)
  4501. [31] : 0x00 (0)
  4502. [32] : 0x76 (118)
  4503. [33] : 0x00 (0)
  4504. [34] : 0x63 (99)
  4505. [35] : 0x00 (0)
  4506. [36] : 0x63 (99)
  4507. [37] : 0x00 (0)
  4508. [38] : 0x74 (116)
  4509. [39] : 0x00 (0)
  4510. [40] : 0x6c (108)
  4511. [41] : 0x00 (0)
  4512. [42] : 0x2f (47)
  4513. [43] : 0x00 (0)
  4514. [44] : 0x6e (110)
  4515. [45] : 0x00 (0)
  4516. [46] : 0x6d (109)
  4517. [47] : 0x00 (0)
  4518. [48] : 0x62 (98)
  4519. [49] : 0x00 (0)
  4520. [50] : 0x64 (100)
  4521. [51] : 0x00 (0)
  4522. [52] : 0x00 (0)
  4523. [53] : 0x00 (0)
  4524. size : 0x00000036 (54)
  4525. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ImagePath]
  4526. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4527. winreg_SetValue: struct winreg_SetValue
  4528. out: struct winreg_SetValue
  4529. result : WERR_OK
  4530. winreg_SetValue: struct winreg_SetValue
  4531. in: struct winreg_SetValue
  4532. handle : *
  4533. handle: struct policy_handle
  4534. handle_type : 0x00000001 (1)
  4535. uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
  4536. name: struct winreg_String
  4537. name_len : 0x0018 (24)
  4538. name_size : 0x0018 (24)
  4539. name : *
  4540. name : 'Description'
  4541. type : REG_SZ (1)
  4542. data : *
  4543. data: ARRAY(178)
  4544. [0] : 0x49 (73)
  4545. [1] : 0x00 (0)
  4546. [2] : 0x6e (110)
  4547. [3] : 0x00 (0)
  4548. [4] : 0x74 (116)
  4549. [5] : 0x00 (0)
  4550. [6] : 0x65 (101)
  4551. [7] : 0x00 (0)
  4552. [8] : 0x72 (114)
  4553. [9] : 0x00 (0)
  4554. [10] : 0x6e (110)
  4555. [11] : 0x00 (0)
  4556. [12] : 0x61 (97)
  4557. [13] : 0x00 (0)
  4558. [14] : 0x6c (108)
  4559. [15] : 0x00 (0)
  4560. [16] : 0x20 (32)
  4561. [17] : 0x00 (0)
  4562. [18] : 0x73 (115)
  4563. [19] : 0x00 (0)
  4564. [20] : 0x65 (101)
  4565. [21] : 0x00 (0)
  4566. [22] : 0x72 (114)
  4567. [23] : 0x00 (0)
  4568. [24] : 0x76 (118)
  4569. [25] : 0x00 (0)
  4570. [26] : 0x69 (105)
  4571. [27] : 0x00 (0)
  4572. [28] : 0x63 (99)
  4573. [29] : 0x00 (0)
  4574. [30] : 0x65 (101)
  4575. [31] : 0x00 (0)
  4576. [32] : 0x20 (32)
  4577. [33] : 0x00 (0)
  4578. [34] : 0x70 (112)
  4579. [35] : 0x00 (0)
  4580. [36] : 0x72 (114)
  4581. [37] : 0x00 (0)
  4582. [38] : 0x6f (111)
  4583. [39] : 0x00 (0)
  4584. [40] : 0x76 (118)
  4585. [41] : 0x00 (0)
  4586. [42] : 0x69 (105)
  4587. [43] : 0x00 (0)
  4588. [44] : 0x64 (100)
  4589. [45] : 0x00 (0)
  4590. [46] : 0x69 (105)
  4591. [47] : 0x00 (0)
  4592. [48] : 0x6e (110)
  4593. [49] : 0x00 (0)
  4594. [50] : 0x67 (103)
  4595. [51] : 0x00 (0)
  4596. [52] : 0x20 (32)
  4597. [53] : 0x00 (0)
  4598. [54] : 0x61 (97)
  4599. [55] : 0x00 (0)
  4600. [56] : 0x20 (32)
  4601. [57] : 0x00 (0)
  4602. [58] : 0x4e (78)
  4603. [59] : 0x00 (0)
  4604. [60] : 0x65 (101)
  4605. [61] : 0x00 (0)
  4606. [62] : 0x74 (116)
  4607. [63] : 0x00 (0)
  4608. [64] : 0x42 (66)
  4609. [65] : 0x00 (0)
  4610. [66] : 0x49 (73)
  4611. [67] : 0x00 (0)
  4612. [68] : 0x4f (79)
  4613. [69] : 0x00 (0)
  4614. [70] : 0x53 (83)
  4615. [71] : 0x00 (0)
  4616. [72] : 0x20 (32)
  4617. [73] : 0x00 (0)
  4618. [74] : 0x70 (112)
  4619. [75] : 0x00 (0)
  4620. [76] : 0x6f (111)
  4621. [77] : 0x00 (0)
  4622. [78] : 0x69 (105)
  4623. [79] : 0x00 (0)
  4624. [80] : 0x6e (110)
  4625. [81] : 0x00 (0)
  4626. [82] : 0x74 (116)
  4627. [83] : 0x00 (0)
  4628. [84] : 0x2d (45)
  4629. [85] : 0x00 (0)
  4630. [86] : 0x74 (116)
  4631. [87] : 0x00 (0)
  4632. [88] : 0x6f (111)
  4633. [89] : 0x00 (0)
  4634. [90] : 0x2d (45)
  4635. [91] : 0x00 (0)
  4636. [92] : 0x70 (112)
  4637. [93] : 0x00 (0)
  4638. [94] : 0x6f (111)
  4639. [95] : 0x00 (0)
  4640. [96] : 0x69 (105)
  4641. [97] : 0x00 (0)
  4642. [98] : 0x6e (110)
  4643. [99] : 0x00 (0)
  4644. [100] : 0x74 (116)
  4645. [101] : 0x00 (0)
  4646. [102] : 0x20 (32)
  4647. [103] : 0x00 (0)
  4648. [104] : 0x6e (110)
  4649. [105] : 0x00 (0)
  4650. [106] : 0x61 (97)
  4651. [107] : 0x00 (0)
  4652. [108] : 0x6d (109)
  4653. [109] : 0x00 (0)
  4654. [110] : 0x65 (101)
  4655. [111] : 0x00 (0)
  4656. [112] : 0x20 (32)
  4657. [113] : 0x00 (0)
  4658. [114] : 0x73 (115)
  4659. [115] : 0x00 (0)
  4660. [116] : 0x65 (101)
  4661. [117] : 0x00 (0)
  4662. [118] : 0x72 (114)
  4663. [119] : 0x00 (0)
  4664. [120] : 0x76 (118)
  4665. [121] : 0x00 (0)
  4666. [122] : 0x65 (101)
  4667. [123] : 0x00 (0)
  4668. [124] : 0x72 (114)
  4669. [125] : 0x00 (0)
  4670. [126] : 0x28 (40)
  4671. [127] : 0x00 (0)
  4672. [128] : 0x6e (110)
  4673. [129] : 0x00 (0)
  4674. [130] : 0x6f (111)
  4675. [131] : 0x00 (0)
  4676. [132] : 0x74 (116)
  4677. [133] : 0x00 (0)
  4678. [134] : 0x20 (32)
  4679. [135] : 0x00 (0)
  4680. [136] : 0x72 (114)
  4681. [137] : 0x00 (0)
  4682. [138] : 0x65 (101)
  4683. [139] : 0x00 (0)
  4684. [140] : 0x6d (109)
  4685. [141] : 0x00 (0)
  4686. [142] : 0x6f (111)
  4687. [143] : 0x00 (0)
  4688. [144] : 0x74 (116)
  4689. [145] : 0x00 (0)
  4690. [146] : 0x65 (101)
  4691. [147] : 0x00 (0)
  4692. [148] : 0x6c (108)
  4693. [149] : 0x00 (0)
  4694. [150] : 0x79 (121)
  4695. [151] : 0x00 (0)
  4696. [152] : 0x20 (32)
  4697. [153] : 0x00 (0)
  4698. [154] : 0x6d (109)
  4699. [155] : 0x00 (0)
  4700. [156] : 0x61 (97)
  4701. [157] : 0x00 (0)
  4702. [158] : 0x6e (110)
  4703. [159] : 0x00 (0)
  4704. [160] : 0x61 (97)
  4705. [161] : 0x00 (0)
  4706. [162] : 0x67 (103)
  4707. [163] : 0x00 (0)
  4708. [164] : 0x65 (101)
  4709. [165] : 0x00 (0)
  4710. [166] : 0x61 (97)
  4711. [167] : 0x00 (0)
  4712. [168] : 0x62 (98)
  4713. [169] : 0x00 (0)
  4714. [170] : 0x6c (108)
  4715. [171] : 0x00 (0)
  4716. [172] : 0x65 (101)
  4717. [173] : 0x00 (0)
  4718. [174] : 0x29 (41)
  4719. [175] : 0x00 (0)
  4720. [176] : 0x00 (0)
  4721. [177] : 0x00 (0)
  4722. size : 0x000000b2 (178)
  4723. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Description]
  4724. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4725. winreg_SetValue: struct winreg_SetValue
  4726. out: struct winreg_SetValue
  4727. result : WERR_OK
  4728. winreg_CloseKey: struct winreg_CloseKey
  4729. in: struct winreg_CloseKey
  4730. handle : *
  4731. handle: struct policy_handle
  4732. handle_type : 0x00000001 (1)
  4733. uuid : 85ed9113-f318-4cbf-9fec-fc57d131412d
  4734. regdb_close: decrementing refcount (4->3)
  4735. winreg_CloseKey: struct winreg_CloseKey
  4736. out: struct winreg_CloseKey
  4737. handle : *
  4738. handle: struct policy_handle
  4739. handle_type : 0x00000000 (0)
  4740. uuid : 00000000-0000-0000-0000-000000000000
  4741. result : WERR_OK
  4742. winreg_CreateKey: struct winreg_CreateKey
  4743. in: struct winreg_CreateKey
  4744. handle : *
  4745. handle: struct policy_handle
  4746. handle_type : 0x00000001 (1)
  4747. uuid : 20757302-61b8-4ac2-9c25-561ac7d9e2e4
  4748. name: struct winreg_String
  4749. name_len : 0x0060 (96)
  4750. name_size : 0x0060 (96)
  4751. name : *
  4752. name : 'SYSTEM\CurrentControlSet\Services\WINS\Security'
  4753. keyclass: struct winreg_String
  4754. name_len : 0x0002 (2)
  4755. name_size : 0x0002 (2)
  4756. name : *
  4757. name : ''
  4758. options : 0x00000000 (0)
  4759. 0: REG_OPTION_VOLATILE
  4760. 0: REG_OPTION_CREATE_LINK
  4761. 0: REG_OPTION_BACKUP_RESTORE
  4762. 0: REG_OPTION_OPEN_LINK
  4763. access_mask : 0x02000000 (33554432)
  4764. 0: KEY_QUERY_VALUE
  4765. 0: KEY_SET_VALUE
  4766. 0: KEY_CREATE_SUB_KEY
  4767. 0: KEY_ENUMERATE_SUB_KEYS
  4768. 0: KEY_NOTIFY
  4769. 0: KEY_CREATE_LINK
  4770. 0: KEY_WOW64_64KEY
  4771. 0: KEY_WOW64_32KEY
  4772. secdesc : NULL
  4773. action_taken : *
  4774. action_taken : REG_OPENED_EXISTING_KEY (2)
  4775. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS\Security'
  4776. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4777. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  4778. regkey_open_onelevel: name = [SYSTEM]
  4779. regdb_open: incrementing refcount (3->4)
  4780. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  4781. pathtree_find: Enter [\HKLM\SYSTEM]
  4782. pathtree_find: Exit
  4783. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  4784. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  4785. regkey_open_onelevel: name = [CurrentControlSet]
  4786. regdb_open: incrementing refcount (4->5)
  4787. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  4788. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  4789. pathtree_find: Exit
  4790. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  4791. regdb_close: decrementing refcount (5->4)
  4792. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  4793. regkey_open_onelevel: name = [Services]
  4794. regdb_open: incrementing refcount (4->5)
  4795. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  4796. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  4797. pathtree_find: Exit
  4798. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  4799. regdb_close: decrementing refcount (5->4)
  4800. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2
  4801. regkey_open_onelevel: name = [WINS]
  4802. regdb_open: incrementing refcount (4->5)
  4803. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
  4804. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
  4805. pathtree_find: Exit
  4806. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS]
  4807. regdb_close: decrementing refcount (5->4)
  4808. regkey_open_onelevel: name = [Security]
  4809. regdb_open: incrementing refcount (4->5)
  4810. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security]
  4811. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security]
  4812. pathtree_find: Exit
  4813. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security]
  4814. regdb_close: decrementing refcount (5->4)
  4815. winreg_CreateKey: struct winreg_CreateKey
  4816. out: struct winreg_CreateKey
  4817. new_handle : *
  4818. new_handle: struct policy_handle
  4819. handle_type : 0x00000001 (1)
  4820. uuid : 49cd4b43-d6d7-4016-b54f-cb90efb64762
  4821. action_taken : *
  4822. action_taken : REG_OPENED_EXISTING_KEY (2)
  4823. result : WERR_OK
  4824. winreg_SetValue: struct winreg_SetValue
  4825. in: struct winreg_SetValue
  4826. handle : *
  4827. handle: struct policy_handle
  4828. handle_type : 0x00000001 (1)
  4829. uuid : 49cd4b43-d6d7-4016-b54f-cb90efb64762
  4830. name: struct winreg_String
  4831. name_len : 0x0012 (18)
  4832. name_size : 0x0012 (18)
  4833. name : *
  4834. name : 'Security'
  4835. type : REG_BINARY (3)
  4836. data : *
  4837. data: ARRAY(120)
  4838. [0] : 0x01 (1)
  4839. [1] : 0x00 (0)
  4840. [2] : 0x04 (4)
  4841. [3] : 0x80 (128)
  4842. [4] : 0x00 (0)
  4843. [5] : 0x00 (0)
  4844. [6] : 0x00 (0)
  4845. [7] : 0x00 (0)
  4846. [8] : 0x00 (0)
  4847. [9] : 0x00 (0)
  4848. [10] : 0x00 (0)
  4849. [11] : 0x00 (0)
  4850. [12] : 0x00 (0)
  4851. [13] : 0x00 (0)
  4852. [14] : 0x00 (0)
  4853. [15] : 0x00 (0)
  4854. [16] : 0x14 (20)
  4855. [17] : 0x00 (0)
  4856. [18] : 0x00 (0)
  4857. [19] : 0x00 (0)
  4858. [20] : 0x02 (2)
  4859. [21] : 0x00 (0)
  4860. [22] : 0x64 (100)
  4861. [23] : 0x00 (0)
  4862. [24] : 0x04 (4)
  4863. [25] : 0x00 (0)
  4864. [26] : 0x00 (0)
  4865. [27] : 0x00 (0)
  4866. [28] : 0x00 (0)
  4867. [29] : 0x00 (0)
  4868. [30] : 0x14 (20)
  4869. [31] : 0x00 (0)
  4870. [32] : 0x8d (141)
  4871. [33] : 0x01 (1)
  4872. [34] : 0x02 (2)
  4873. [35] : 0x00 (0)
  4874. [36] : 0x01 (1)
  4875. [37] : 0x01 (1)
  4876. [38] : 0x00 (0)
  4877. [39] : 0x00 (0)
  4878. [40] : 0x00 (0)
  4879. [41] : 0x00 (0)
  4880. [42] : 0x00 (0)
  4881. [43] : 0x01 (1)
  4882. [44] : 0x00 (0)
  4883. [45] : 0x00 (0)
  4884. [46] : 0x00 (0)
  4885. [47] : 0x00 (0)
  4886. [48] : 0x00 (0)
  4887. [49] : 0x00 (0)
  4888. [50] : 0x18 (24)
  4889. [51] : 0x00 (0)
  4890. [52] : 0xfd (253)
  4891. [53] : 0x01 (1)
  4892. [54] : 0x02 (2)
  4893. [55] : 0x00 (0)
  4894. [56] : 0x01 (1)
  4895. [57] : 0x02 (2)
  4896. [58] : 0x00 (0)
  4897. [59] : 0x00 (0)
  4898. [60] : 0x00 (0)
  4899. [61] : 0x00 (0)
  4900. [62] : 0x00 (0)
  4901. [63] : 0x05 (5)
  4902. [64] : 0x20 (32)
  4903. [65] : 0x00 (0)
  4904. [66] : 0x00 (0)
  4905. [67] : 0x00 (0)
  4906. [68] : 0x23 (35)
  4907. [69] : 0x02 (2)
  4908. [70] : 0x00 (0)
  4909. [71] : 0x00 (0)
  4910. [72] : 0x00 (0)
  4911. [73] : 0x00 (0)
  4912. [74] : 0x18 (24)
  4913. [75] : 0x00 (0)
  4914. [76] : 0xff (255)
  4915. [77] : 0x01 (1)
  4916. [78] : 0x0f (15)
  4917. [79] : 0x00 (0)
  4918. [80] : 0x01 (1)
  4919. [81] : 0x02 (2)
  4920. [82] : 0x00 (0)
  4921. [83] : 0x00 (0)
  4922. [84] : 0x00 (0)
  4923. [85] : 0x00 (0)
  4924. [86] : 0x00 (0)
  4925. [87] : 0x05 (5)
  4926. [88] : 0x20 (32)
  4927. [89] : 0x00 (0)
  4928. [90] : 0x00 (0)
  4929. [91] : 0x00 (0)
  4930. [92] : 0x25 (37)
  4931. [93] : 0x02 (2)
  4932. [94] : 0x00 (0)
  4933. [95] : 0x00 (0)
  4934. [96] : 0x00 (0)
  4935. [97] : 0x00 (0)
  4936. [98] : 0x18 (24)
  4937. [99] : 0x00 (0)
  4938. [100] : 0xff (255)
  4939. [101] : 0x01 (1)
  4940. [102] : 0x0f (15)
  4941. [103] : 0x00 (0)
  4942. [104] : 0x01 (1)
  4943. [105] : 0x02 (2)
  4944. [106] : 0x00 (0)
  4945. [107] : 0x00 (0)
  4946. [108] : 0x00 (0)
  4947. [109] : 0x00 (0)
  4948. [110] : 0x00 (0)
  4949. [111] : 0x05 (5)
  4950. [112] : 0x20 (32)
  4951. [113] : 0x00 (0)
  4952. [114] : 0x00 (0)
  4953. [115] : 0x00 (0)
  4954. [116] : 0x20 (32)
  4955. [117] : 0x02 (2)
  4956. [118] : 0x00 (0)
  4957. [119] : 0x00 (0)
  4958. size : 0x00000078 (120)
  4959. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security:Security]
  4960. tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1
  4961. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security' (ops 0xb6c0524c)
  4962. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security]
  4963. regdb_unpack_values: value[0]: name[Security] len[120]
  4964. winreg_SetValue: struct winreg_SetValue
  4965. out: struct winreg_SetValue
  4966. result : WERR_OK
  4967. winreg_CloseKey: struct winreg_CloseKey
  4968. in: struct winreg_CloseKey
  4969. handle : *
  4970. handle: struct policy_handle
  4971. handle_type : 0x00000001 (1)
  4972. uuid : 49cd4b43-d6d7-4016-b54f-cb90efb64762
  4973. regdb_close: decrementing refcount (4->3)
  4974. winreg_CloseKey: struct winreg_CloseKey
  4975. out: struct winreg_CloseKey
  4976. handle : *
  4977. handle: struct policy_handle
  4978. handle_type : 0x00000000 (0)
  4979. uuid : 00000000-0000-0000-0000-000000000000
  4980. result : WERR_OK
  4981. winreg_CloseKey: struct winreg_CloseKey
  4982. in: struct winreg_CloseKey
  4983. handle : *
  4984. handle: struct policy_handle
  4985. handle_type : 0x00000001 (1)
  4986. uuid : f9c343cb-3fc3-4f90-9d19-d88d7e9ebc0c
  4987. regdb_close: decrementing refcount (3->2)
  4988. winreg_CloseKey: struct winreg_CloseKey
  4989. out: struct winreg_CloseKey
  4990. handle : *
  4991. handle: struct policy_handle
  4992. handle_type : 0x00000000 (0)
  4993. uuid : 00000000-0000-0000-0000-000000000000
  4994. result : WERR_OK
  4995. regdb_close: decrementing refcount (2->1)
  4996. regdb_close: decrementing refcount (1->0)
  4997. dcesrv_interface_register: Interface 'svcctl' registered on endpoint 'ncacn_np:[\pipe\svcctl]' (single process required)
  4998. dcesrv_interface_register: Interface 'svcctl' registered on endpoint 'ncalrpc:' (single process required)
  4999. dcesrv_interface_register: Interface 'ntsvcs' registered on endpoint 'ncacn_np:[\pipe\ntsvcs]' (single process required)
  5000. dcesrv_interface_register: Interface 'ntsvcs' registered on endpoint 'ncacn_np:[\pipe\plugplay]' (single process required)
  5001. Initialise the eventlog registry keys if needed.
  5002. make_internal_ncacn_conn: Create pipe requested winreg
  5003. Created internal pipe winreg
  5004. winreg_OpenHKLM: struct winreg_OpenHKLM
  5005. in: struct winreg_OpenHKLM
  5006. system_name : NULL
  5007. access_mask : 0x02000000 (33554432)
  5008. 0: KEY_QUERY_VALUE
  5009. 0: KEY_SET_VALUE
  5010. 0: KEY_CREATE_SUB_KEY
  5011. 0: KEY_ENUMERATE_SUB_KEYS
  5012. 0: KEY_NOTIFY
  5013. 0: KEY_CREATE_LINK
  5014. 0: KEY_WOW64_64KEY
  5015. 0: KEY_WOW64_32KEY
  5016. regkey_open_onelevel: name = [HKLM]
  5017. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  5018. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  5019. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  5020. Security token: (NULL)
  5021. UNIX token of user 0
  5022. Primary group is 0 and contains 0 supplementary groups
  5023. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  5024. regdb_open: registry db opened. refcount reset (1)
  5025. reghook_cache_find: Searching for keyname [\HKLM]
  5026. pathtree_find: Enter [\HKLM]
  5027. pathtree_find: Exit
  5028. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM]
  5029. winreg_OpenHKLM: struct winreg_OpenHKLM
  5030. out: struct winreg_OpenHKLM
  5031. handle : *
  5032. handle: struct policy_handle
  5033. handle_type : 0x00000001 (1)
  5034. uuid : 3d2db9c1-02aa-45b9-a156-1dcc203ce978
  5035. result : WERR_OK
  5036. winreg_OpenKey: struct winreg_OpenKey
  5037. in: struct winreg_OpenKey
  5038. parent_handle : *
  5039. parent_handle: struct policy_handle
  5040. handle_type : 0x00000001 (1)
  5041. uuid : 3d2db9c1-02aa-45b9-a156-1dcc203ce978
  5042. keyname: struct winreg_String
  5043. name_len : 0x0056 (86)
  5044. name_size : 0x0056 (86)
  5045. name : *
  5046. name : 'SYSTEM\CurrentControlSet\Services\Eventlog'
  5047. options : 0x00000000 (0)
  5048. 0: REG_OPTION_VOLATILE
  5049. 0: REG_OPTION_CREATE_LINK
  5050. 0: REG_OPTION_BACKUP_RESTORE
  5051. 0: REG_OPTION_OPEN_LINK
  5052. access_mask : 0x02000000 (33554432)
  5053. 0: KEY_QUERY_VALUE
  5054. 0: KEY_SET_VALUE
  5055. 0: KEY_CREATE_SUB_KEY
  5056. 0: KEY_ENUMERATE_SUB_KEYS
  5057. 0: KEY_NOTIFY
  5058. 0: KEY_CREATE_LINK
  5059. 0: KEY_WOW64_64KEY
  5060. 0: KEY_WOW64_32KEY
  5061. regkey_open_onelevel: name = [SYSTEM]
  5062. regdb_open: incrementing refcount (1->2)
  5063. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM]
  5064. pathtree_find: Enter [\HKLM\SYSTEM]
  5065. pathtree_find: Exit
  5066. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM]
  5067. regkey_open_onelevel: name = [CurrentControlSet]
  5068. regdb_open: incrementing refcount (2->3)
  5069. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet]
  5070. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet]
  5071. pathtree_find: Exit
  5072. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet]
  5073. regkey_open_onelevel: name = [Services]
  5074. regdb_open: incrementing refcount (3->4)
  5075. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services]
  5076. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services]
  5077. pathtree_find: Exit
  5078. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services]
  5079. regkey_open_onelevel: name = [Eventlog]
  5080. regdb_open: incrementing refcount (4->5)
  5081. reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
  5082. pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
  5083. pathtree_find: Exit
  5084. reghook_cache_find: found ops 0xb6c0524c for key [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
  5085. regdb_close: decrementing refcount (5->4)
  5086. regdb_close: decrementing refcount (4->3)
  5087. regdb_close: decrementing refcount (3->2)
  5088. winreg_OpenKey: struct winreg_OpenKey
  5089. out: struct winreg_OpenKey
  5090. handle : *
  5091. handle: struct policy_handle
  5092. handle_type : 0x00000001 (1)
  5093. uuid : e7f396b6-1f78-498e-a4be-c4f4d44c134b
  5094. result : WERR_OK
  5095. winreg_QueryInfoKey: struct winreg_QueryInfoKey
  5096. in: struct winreg_QueryInfoKey
  5097. handle : *
  5098. handle: struct policy_handle
  5099. handle_type : 0x00000001 (1)
  5100. uuid : e7f396b6-1f78-498e-a4be-c4f4d44c134b
  5101. classname : *
  5102. classname: struct winreg_String
  5103. name_len : 0x0000 (0)
  5104. name_size : 0x0000 (0)
  5105. name : NULL
  5106. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Eventlog' (ops 0xb6c0524c)
  5107. regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
  5108. regdb_unpack_values: value[0]: name[DisplayName] len[20]
  5109. regdb_unpack_values: value[1]: name[ErrorControl] len[4]
  5110. regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog]
  5111. winreg_QueryInfoKey: struct winreg_QueryInfoKey
  5112. out: struct winreg_QueryInfoKey
  5113. classname : *
  5114. classname: struct winreg_String
  5115. name_len : 0x0000 (0)
  5116. name_size : 0x0000 (0)
  5117. name : NULL
  5118. num_subkeys : *
  5119. num_subkeys : 0x00000000 (0)
  5120. max_subkeylen : *
  5121. max_subkeylen : 0x00000000 (0)
  5122. max_classlen : *
  5123. max_classlen : 0x00000000 (0)
  5124. num_values : *
  5125. num_values : 0x00000002 (2)
  5126. max_valnamelen : *
  5127. max_valnamelen : 0x0000001a (26)
  5128. max_valbufsize : *
  5129. max_valbufsize : 0x00000014 (20)
  5130. secdescsize : *
  5131. secdescsize : 0x00000078 (120)
  5132. last_changed_time : *
  5133. last_changed_time : NTTIME(0)
  5134. result : WERR_OK
  5135. winreg_CloseKey: struct winreg_CloseKey
  5136. in: struct winreg_CloseKey
  5137. handle : *
  5138. handle: struct policy_handle
  5139. handle_type : 0x00000001 (1)
  5140. uuid : e7f396b6-1f78-498e-a4be-c4f4d44c134b
  5141. regdb_close: decrementing refcount (2->1)
  5142. winreg_CloseKey: struct winreg_CloseKey
  5143. out: struct winreg_CloseKey
  5144. handle : *
  5145. handle: struct policy_handle
  5146. handle_type : 0x00000000 (0)
  5147. uuid : 00000000-0000-0000-0000-000000000000
  5148. result : WERR_OK
  5149. regdb_close: decrementing refcount (1->0)
  5150. dcesrv_interface_register: Interface 'eventlog' registered on endpoint 'ncacn_np:[\pipe\eventlog]' (single process required)
  5151. dcesrv_interface_register: Interface 'initshutdown' registered on endpoint 'ncacn_np:[\pipe\InitShutdown]' (single process required)
  5152. dcesrv_init: Initializing DCE/RPC connection endpoints
  5153. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\InitShutdown]'
  5154. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 25 for initshutdown
  5155. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\InitShutdown]' for 'initshutdown' 'mgmt'
  5156. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\eventlog]'
  5157. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 26 for eventlog
  5158. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\eventlog]' for 'eventlog' 'mgmt'
  5159. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\plugplay]'
  5160. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 27 for plugplay
  5161. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\plugplay]' for 'ntsvcs' 'mgmt'
  5162. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\ntsvcs]'
  5163. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 28 for ntsvcs
  5164. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\ntsvcs]' for 'ntsvcs' 'mgmt'
  5165. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\svcctl]'
  5166. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 29 for svcctl
  5167. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\svcctl]' for 'svcctl' 'mgmt'
  5168. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\wkssvc]'
  5169. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 30 for wkssvc
  5170. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\wkssvc]' for 'wkssvc' 'mgmt'
  5171. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\netdfs]'
  5172. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 31 for netdfs
  5173. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\netdfs]' for 'netdfs' 'mgmt'
  5174. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\samr]'
  5175. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 32 for samr
  5176. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\samr]' for 'samr' 'mgmt'
  5177. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\lsass]'
  5178. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 33 for lsass
  5179. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\lsass]' for 'dssetup' 'lsarpc' 'mgmt'
  5180. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\lsarpc]'
  5181. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 34 for lsarpc
  5182. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\lsarpc]' for 'dssetup' 'lsarpc' 'mgmt'
  5183. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\netlogon]'
  5184. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 35 for netlogon
  5185. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\netlogon]' for 'lsarpc' 'mgmt'
  5186. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\srvsvc]'
  5187. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 36 for srvsvc
  5188. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\srvsvc]' for 'srvsvc' 'mgmt'
  5189. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncalrpc:'
  5190. dcesrv_create_ncalrpc_socket: Opened ncalrpc socket fd '37' for '/var/run/samba/ncalrpc/DEFAULT'
  5191. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncalrpc:[DEFAULT]' for 'svcctl' 'wkssvc' 'dssetup' 'netdfs' 'samr' 'lsarpc' 'srvsvc' 'winreg' 'mgmt'
  5192. dcesrv_setup_endpoint_sockets: Setting up endpoint 'ncacn_np:[\pipe\winreg]'
  5193. dcesrv_create_ncacn_np_socket: Opened pipe socket fd 38 for winreg
  5194. dcesrv_setup_endpoint_sockets: Successfully listening on 'ncacn_np:[\pipe\winreg]' for 'winreg' 'mgmt'
  5195. daemon_ready: daemon 'smbd' finished starting up and ready to serve connections
  5196. bind succeeded on port 445
  5197. Socket options:
  5198. SO_KEEPALIVE = 1
  5199. SO_REUSEADDR = 1
  5200. SO_BROADCAST = 0
  5201. TCP_NODELAY = 0
  5202. TCP_KEEPCNT = 9
  5203. TCP_KEEPIDLE = 120
  5204. TCP_KEEPINTVL = 75
  5205. IPTOS_LOWDELAY = 0
  5206. IPTOS_THROUGHPUT = 0
  5207. SO_REUSEPORT = 1
  5208. SO_SNDBUF = 16384
  5209. SO_RCVBUF = 131072
  5210. SO_SNDLOWAT = 1
  5211. SO_RCVLOWAT = 1
  5212. SO_SNDTIMEO = 0
  5213. SO_RCVTIMEO = 0
  5214. TCP_QUICKACK = 1
  5215. TCP_DEFER_ACCEPT = 0
  5216. TCP_USER_TIMEOUT = 0
  5217. Socket options:
  5218. SO_KEEPALIVE = 1
  5219. SO_REUSEADDR = 1
  5220. SO_BROADCAST = 0
  5221. TCP_NODELAY = 1
  5222. TCP_KEEPCNT = 9
  5223. TCP_KEEPIDLE = 120
  5224. TCP_KEEPINTVL = 75
  5225. IPTOS_LOWDELAY = 16
  5226. IPTOS_THROUGHPUT = 16
  5227. SO_REUSEPORT = 1
  5228. SO_SNDBUF = 16384
  5229. SO_RCVBUF = 131072
  5230. SO_SNDLOWAT = 1
  5231. SO_RCVLOWAT = 1
  5232. SO_SNDTIMEO = 0
  5233. SO_RCVTIMEO = 0
  5234. TCP_QUICKACK = 1
  5235. TCP_DEFER_ACCEPT = 0
  5236. TCP_USER_TIMEOUT = 0
  5237. bind succeeded on port 445
  5238. Socket options:
  5239. SO_KEEPALIVE = 1
  5240. SO_REUSEADDR = 1
  5241. SO_BROADCAST = 0
  5242. TCP_NODELAY = 0
  5243. TCP_KEEPCNT = 9
  5244. TCP_KEEPIDLE = 120
  5245. TCP_KEEPINTVL = 75
  5246. IPTOS_LOWDELAY = 0
  5247. IPTOS_THROUGHPUT = 0
  5248. SO_REUSEPORT = 1
  5249. SO_SNDBUF = 16384
  5250. SO_RCVBUF = 131072
  5251. SO_SNDLOWAT = 1
  5252. SO_RCVLOWAT = 1
  5253. SO_SNDTIMEO = 0
  5254. SO_RCVTIMEO = 0
  5255. TCP_QUICKACK = 1
  5256. TCP_DEFER_ACCEPT = 0
  5257. TCP_USER_TIMEOUT = 0
  5258. Socket options:
  5259. SO_KEEPALIVE = 1
  5260. SO_REUSEADDR = 1
  5261. SO_BROADCAST = 0
  5262. TCP_NODELAY = 1
  5263. TCP_KEEPCNT = 9
  5264. TCP_KEEPIDLE = 120
  5265. TCP_KEEPINTVL = 75
  5266. IPTOS_LOWDELAY = 16
  5267. IPTOS_THROUGHPUT = 16
  5268. SO_REUSEPORT = 1
  5269. SO_SNDBUF = 16384
  5270. SO_RCVBUF = 131072
  5271. SO_SNDLOWAT = 1
  5272. SO_RCVLOWAT = 1
  5273. SO_SNDTIMEO = 0
  5274. SO_RCVTIMEO = 0
  5275. TCP_QUICKACK = 1
  5276. TCP_DEFER_ACCEPT = 0
  5277. TCP_USER_TIMEOUT = 0
  5278. Registering messaging pointer for type 13 - private_data=0
  5279. Registering messaging pointer for type 33 - private_data=0xb5e6ce70
  5280. Registering messaging pointer for type 783 - private_data=0
  5281. Registering messaging pointer for type 1 - private_data=0
  5282. Overriding messaging pointer for type 1 - private_data=0
  5283. Registering messaging pointer for type 770 - private_data=0
  5284. Registering messaging pointer for type 801 - private_data=0
  5285. Registering messaging pointer for type 790 - private_data=0
  5286. Registering messaging pointer for type 791 - private_data=0
  5287. Registering messaging pointer for type 15 - private_data=0
  5288. Registering messaging pointer for type 16 - private_data=0
  5289. Registering messaging pointer for type 799 - private_data=0
  5290. waiting for connections
  5291. messaging_recv_cb: Received message 0x31f len 0 (num_fds:0) from 2814
  5292. messaging_dgm_send: Sending message to 2815
  5293. messaging_recv_cb: Received message 0x31f len 0 (num_fds:0) from 2812
  5294. messaging_dgm_send: Sending message to 2814
  5295. messaging_recv_cb: Received message 0x31f len 0 (num_fds:0) from 2812
  5296. msg_dgm_ref_destructor: refs=0
  5297. messaging_dgm_ref: messaging_dgm_init returned No error information
  5298. messaging_dgm_ref: unique = 10169109332985008142
  5299. Registered MSG_REQ_POOL_USAGE
  5300. Attempting to find a passdb backend to match smbpasswd (smbpasswd)
  5301. Found pdb backend smbpasswd
  5302. pdb backend smbpasswd has a valid init
  5303. smbXsrv_client_create: client_guid[00000000-0000-0000-0000-000000000000] created
  5304. &client_blob: struct smbXsrv_clientB
  5305. version : SMBXSRV_VERSION_0 (0)
  5306. reserved : 0x00000000 (0)
  5307. info : union smbXsrv_clientU(case 0)
  5308. info0 : *
  5309. info0: struct smbXsrv_client
  5310. table : *
  5311. raw_ev_ctx : *
  5312. msg_ctx : *
  5313. global : *
  5314. global: struct smbXsrv_client_global0
  5315. db_rec : NULL
  5316. server_id: struct server_id
  5317. pid : 0x0000000000000b00 (2816)
  5318. task_id : 0x00000000 (0)
  5319. vnn : 0xffffffff (4294967295)
  5320. unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
  5321. local_address : NULL
  5322. remote_address : NULL
  5323. remote_name : NULL
  5324. initial_connect_time : Fri Jun 17 06:24:29 2022 UTC
  5325. client_guid : 00000000-0000-0000-0000-000000000000
  5326. stored : 0x00 (0)
  5327. sconn : NULL
  5328. session_table : NULL
  5329. tcon_table : NULL
  5330. open_table : NULL
  5331. connections : NULL
  5332. server_multi_channel_enabled: 0x00 (0)
  5333. next_channel_id : 0x0000000000000000 (0)
  5334. connection_pass_subreq : NULL
  5335. pending_breaks : NULL
  5336. Socket options:
  5337. SO_KEEPALIVE = 1
  5338. SO_REUSEADDR = 1
  5339. SO_BROADCAST = 0
  5340. TCP_NODELAY = 1
  5341. TCP_KEEPCNT = 9
  5342. TCP_KEEPIDLE = 120
  5343. TCP_KEEPINTVL = 75
  5344. IPTOS_LOWDELAY = 16
  5345. IPTOS_THROUGHPUT = 16
  5346. SO_REUSEPORT = 1
  5347. SO_SNDBUF = 44800
  5348. SO_RCVBUF = 131072
  5349. SO_SNDLOWAT = 1
  5350. SO_RCVLOWAT = 1
  5351. SO_SNDTIMEO = 0
  5352. SO_RCVTIMEO = 0
  5353. TCP_QUICKACK = 1
  5354. TCP_DEFER_ACCEPT = 0
  5355. TCP_USER_TIMEOUT = 0
  5356. Socket options:
  5357. SO_KEEPALIVE = 1
  5358. SO_REUSEADDR = 1
  5359. SO_BROADCAST = 0
  5360. TCP_NODELAY = 1
  5361. TCP_KEEPCNT = 9
  5362. TCP_KEEPIDLE = 120
  5363. TCP_KEEPINTVL = 75
  5364. IPTOS_LOWDELAY = 16
  5365. IPTOS_THROUGHPUT = 16
  5366. SO_REUSEPORT = 1
  5367. SO_SNDBUF = 44800
  5368. SO_RCVBUF = 131072
  5369. SO_SNDLOWAT = 1
  5370. SO_RCVLOWAT = 1
  5371. SO_SNDTIMEO = 0
  5372. SO_RCVTIMEO = 0
  5373. TCP_QUICKACK = 1
  5374. TCP_DEFER_ACCEPT = 0
  5375. TCP_USER_TIMEOUT = 0
  5376. Allowed connection from 192.168.1.10 (192.168.1.10)
  5377. Connection allowed from ipv4:192.168.1.10:33674 to ipv4:192.168.1.250:445
  5378. INFO: Current debug levels:
  5379. all: 10
  5380. tdb: 10
  5381. printdrivers: 10
  5382. lanman: 10
  5383. smb: 10
  5384. rpc_parse: 10
  5385. rpc_srv: 10
  5386. rpc_cli: 10
  5387. passdb: 10
  5388. sam: 10
  5389. auth: 10
  5390. winbind: 10
  5391. vfs: 10
  5392. idmap: 10
  5393. quota: 10
  5394. acls: 10
  5395. locking: 10
  5396. msdfs: 10
  5397. dmapi: 10
  5398. registry: 10
  5399. scavenger: 10
  5400. dns: 10
  5401. ldb: 10
  5402. tevent: 10
  5403. auth_audit: 10
  5404. auth_json_audit: 10
  5405. kerberos: 10
  5406. drs_repl: 10
  5407. smb2: 10
  5408. smb2_credits: 10
  5409. dsdb_audit: 10
  5410. dsdb_json_audit: 10
  5411. dsdb_password_audit: 10
  5412. dsdb_password_json_audit: 10
  5413. dsdb_transaction_audit: 10
  5414. dsdb_transaction_json_audit: 10
  5415. dsdb_group_audit: 10
  5416. dsdb_group_json_audit: 10
  5417. lp_file_list_changed()
  5418. file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Jun 17 06:07:48 2022
  5419. init_oplocks: initializing messages.
  5420. Registering messaging pointer for type 774 - private_data=0xb5a30e70
  5421. Registering messaging pointer for type 778 - private_data=0xb5a30e70
  5422. Registering messaging pointer for type 770 - private_data=0xb5a30e70
  5423. Registering messaging pointer for type 801 - private_data=0xb5a30e70
  5424. Registering messaging pointer for type 787 - private_data=0xb5a30e70
  5425. Registering messaging pointer for type 779 - private_data=0xb5a30e70
  5426. Registering messaging pointer for type 15 - private_data=0
  5427. Overriding messaging pointer for type 15 - private_data=0
  5428. Deregistering messaging pointer for type 16 - private_data=0
  5429. Registering messaging pointer for type 16 - private_data=0xb5a30e70
  5430. Deregistering messaging pointer for type 33 - private_data=0xb5e6ce70
  5431. Registering messaging pointer for type 33 - private_data=0xb5a30e70
  5432. Deregistering messaging pointer for type 790 - private_data=0
  5433. Registering messaging pointer for type 790 - private_data=0xb5a30e70
  5434. Deregistering messaging pointer for type 791 - private_data=0
  5435. Deregistering messaging pointer for type 1 - private_data=0
  5436. Registering messaging pointer for type 1 - private_data=0
  5437. event_add_idle: idle_evt(keepalive) 0xb52367c0
  5438. event_add_idle: idle_evt(deadtime) 0xb5236840
  5439. event_add_idle: idle_evt(housekeeping) 0xb52368c0
  5440. got smb length of 166
  5441. got message type 0x0 of len 0xa6
  5442. Transaction 0 of length 170 (0 toread)
  5443. smbd_smb2_first_negprot: packet length 166
  5444. smb2_validate_sequence_number: smb2_validate_sequence_number: clearing id 0 (position 0) from bitmap
  5445. smbd_smb2_request_dispatch: opcode[SMB2_OP_NEGPROT] mid = 0
  5446. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  5447. Security token: (NULL)
  5448. UNIX token of user 0
  5449. Primary group is 0 and contains 0 supplementary groups
  5450. change_to_root_user: now uid=(0,0) gid=(0,0)
  5451. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  5452. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  5453. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  5454. Security token: (NULL)
  5455. UNIX token of user 0
  5456. Primary group is 0 and contains 0 supplementary groups
  5457. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  5458. set_remote_arch: Client arch is 'Vista'
  5459. INFO: Current debug levels:
  5460. all: 10
  5461. tdb: 10
  5462. printdrivers: 10
  5463. lanman: 10
  5464. smb: 10
  5465. rpc_parse: 10
  5466. rpc_srv: 10
  5467. rpc_cli: 10
  5468. passdb: 10
  5469. sam: 10
  5470. auth: 10
  5471. winbind: 10
  5472. vfs: 10
  5473. idmap: 10
  5474. quota: 10
  5475. acls: 10
  5476. locking: 10
  5477. msdfs: 10
  5478. dmapi: 10
  5479. registry: 10
  5480. scavenger: 10
  5481. dns: 10
  5482. ldb: 10
  5483. tevent: 10
  5484. auth_audit: 10
  5485. auth_json_audit: 10
  5486. kerberos: 10
  5487. drs_repl: 10
  5488. smb2: 10
  5489. smb2_credits: 10
  5490. dsdb_audit: 10
  5491. dsdb_json_audit: 10
  5492. dsdb_password_audit: 10
  5493. dsdb_password_json_audit: 10
  5494. dsdb_transaction_audit: 10
  5495. dsdb_transaction_json_audit: 10
  5496. dsdb_group_audit: 10
  5497. dsdb_group_json_audit: 10
  5498. lp_file_list_changed()
  5499. file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Jun 17 06:07:48 2022
  5500. Selected protocol SMB3_11
  5501. make_auth3_context_for_ntlm: Making default auth method list for server role = 'standalone server', encrypt passwords = yes
  5502. Attempting to register auth backend anonymous
  5503. Successfully added auth method 'anonymous'
  5504. Attempting to register auth backend sam
  5505. Successfully added auth method 'sam'
  5506. Attempting to register auth backend sam_ignoredomain
  5507. Successfully added auth method 'sam_ignoredomain'
  5508. Attempting to register auth backend sam_netlogon3
  5509. Successfully added auth method 'sam_netlogon3'
  5510. Attempting to register auth backend unix
  5511. Successfully added auth method 'unix'
  5512. load_auth_module: Attempting to find an auth method to match anonymous
  5513. load_auth_module: auth method anonymous has a valid init
  5514. load_auth_module: Attempting to find an auth method to match sam_ignoredomain
  5515. load_auth_module: auth method sam_ignoredomain has a valid init
  5516. GENSEC backend 'gssapi_spnego' registered
  5517. GENSEC backend 'gssapi_krb5' registered
  5518. GENSEC backend 'gssapi_krb5_sasl' registered
  5519. GENSEC backend 'spnego' registered
  5520. GENSEC backend 'schannel' registered
  5521. GENSEC backend 'naclrpc_as_system' registered
  5522. GENSEC backend 'sasl-EXTERNAL' registered
  5523. GENSEC backend 'ntlmssp' registered
  5524. GENSEC backend 'ntlmssp_resume_ccache' registered
  5525. GENSEC backend 'http_basic' registered
  5526. GENSEC backend 'http_ntlm' registered
  5527. GENSEC backend 'http_negotiate' registered
  5528. Starting GENSEC mechanism spnego
  5529. Starting GENSEC submechanism ntlmssp
  5530. gensec_update_send: spnego[0xb522fe70]: subreq: 0xb68b1370
  5531. gensec_update_done: spnego[0xb522fe70]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0xb68b1370/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)] state[struct gensec_spnego_update_state (0xb68b1450)] timer[0] finish[../../auth/gensec/spnego.c:2116]
  5532. smbd_smb2_request_done_ex: mid [0] idx[1] status[NT_STATUS_OK] body[64] dyn[yes:140] at ../../source3/smbd/smb2_negprot.c:667
  5533. smb2_set_operation_credit: smb2_set_operation_credit: requested 31, charge 1, granted 1, current possible/max 8192/8192, total granted/max/low/range 1/8192/1/1
  5534. smbd_smb2_request idx[1] of 5 vectors
  5535. smb2_validate_sequence_number: smb2_validate_sequence_number: clearing id 1 (position 1) from bitmap
  5536. smbd_smb2_request_dispatch: opcode[SMB2_OP_SESSSETUP] mid = 1
  5537. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  5538. Security token: (NULL)
  5539. UNIX token of user 0
  5540. Primary group is 0 and contains 0 supplementary groups
  5541. change_to_root_user: now uid=(0,0) gid=(0,0)
  5542. dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_session_global.tdb
  5543. lock order: 1:/var/lock/smbXsrv_session_global.tdb 2:<none> 3:<none> 4:<none>
  5544. db_tdb_log_key: Locking key 7E555992
  5545. db_tdb_fetch_locked_internal: Allocated locked data 0xb6388cd0
  5546. dbwrap_watched_subrec_wakeup_fn: No watchers
  5547. smbXsrv_session_global_store: key '7E555992' stored
  5548. &global_blob: struct smbXsrv_session_globalB
  5549. version : SMBXSRV_VERSION_0 (0)
  5550. seqnum : 0x00000001 (1)
  5551. info : union smbXsrv_session_globalU(case 0)
  5552. info0 : *
  5553. info0: struct smbXsrv_session_global0
  5554. db_rec : *
  5555. session_global_id : 0x7e555992 (2119522706)
  5556. session_wire_id : 0x000000007e555992 (2119522706)
  5557. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5558. expiration_time : Tue Jan 19 03:14:07 2038 UTC
  5559. auth_time : NTTIME(0)
  5560. auth_session_info_seqnum : 0x00000000 (0)
  5561. auth_session_info : NULL
  5562. connection_dialect : 0x0311 (785)
  5563. signing_flags : 0x00 (0)
  5564. 0: SMBXSRV_SIGNING_REQUIRED
  5565. 0: SMBXSRV_PROCESSED_SIGNED_PACKET
  5566. 0: SMBXSRV_PROCESSED_UNSIGNED_PACKET
  5567. encryption_flags : 0x00 (0)
  5568. 0: SMBXSRV_ENCRYPTION_REQUIRED
  5569. 0: SMBXSRV_ENCRYPTION_DESIRED
  5570. 0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
  5571. 0: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
  5572. signing_key : NULL
  5573. encryption_key : NULL
  5574. decryption_key : NULL
  5575. num_channels : 0x00000001 (1)
  5576. channels: ARRAY(1)
  5577. channels: struct smbXsrv_channel_global0
  5578. server_id: struct server_id
  5579. pid : 0x0000000000000b00 (2816)
  5580. task_id : 0x00000000 (0)
  5581. vnn : 0xffffffff (4294967295)
  5582. unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
  5583. channel_id : 0x0000000000000000 (0)
  5584. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5585. local_address : 'ipv4:192.168.1.250:445'
  5586. remote_address : 'ipv4:192.168.1.10:33674'
  5587. remote_name : '192.168.1.10'
  5588. signing_key : NULL
  5589. auth_session_info_seqnum : 0x00000000 (0)
  5590. connection : *
  5591. encryption_cipher : 0x0000 (0)
  5592. dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_session_global.tdb
  5593. db_tdb_log_key: Unlocking key 7E555992
  5594. smbXsrv_session_create: global_id (0x7e555992) stored
  5595. &session_blob: struct smbXsrv_sessionB
  5596. version : SMBXSRV_VERSION_0 (0)
  5597. reserved : 0x00000000 (0)
  5598. info : union smbXsrv_sessionU(case 0)
  5599. info0 : *
  5600. info0: struct smbXsrv_session
  5601. table : *
  5602. db_rec : NULL
  5603. client : *
  5604. local_id : 0x7e555992 (2119522706)
  5605. global : *
  5606. global: struct smbXsrv_session_global0
  5607. db_rec : NULL
  5608. session_global_id : 0x7e555992 (2119522706)
  5609. session_wire_id : 0x000000007e555992 (2119522706)
  5610. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5611. expiration_time : Tue Jan 19 03:14:07 2038 UTC
  5612. auth_time : NTTIME(0)
  5613. auth_session_info_seqnum : 0x00000000 (0)
  5614. auth_session_info : NULL
  5615. connection_dialect : 0x0311 (785)
  5616. signing_flags : 0x00 (0)
  5617. 0: SMBXSRV_SIGNING_REQUIRED
  5618. 0: SMBXSRV_PROCESSED_SIGNED_PACKET
  5619. 0: SMBXSRV_PROCESSED_UNSIGNED_PACKET
  5620. encryption_flags : 0x00 (0)
  5621. 0: SMBXSRV_ENCRYPTION_REQUIRED
  5622. 0: SMBXSRV_ENCRYPTION_DESIRED
  5623. 0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
  5624. 0: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
  5625. signing_key : NULL
  5626. encryption_key : NULL
  5627. decryption_key : NULL
  5628. num_channels : 0x00000001 (1)
  5629. channels: ARRAY(1)
  5630. channels: struct smbXsrv_channel_global0
  5631. server_id: struct server_id
  5632. pid : 0x0000000000000b00 (2816)
  5633. task_id : 0x00000000 (0)
  5634. vnn : 0xffffffff (4294967295)
  5635. unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
  5636. channel_id : 0x0000000000000000 (0)
  5637. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5638. local_address : 'ipv4:192.168.1.250:445'
  5639. remote_address : 'ipv4:192.168.1.10:33674'
  5640. remote_name : '192.168.1.10'
  5641. signing_key : NULL
  5642. auth_session_info_seqnum : 0x00000000 (0)
  5643. connection : *
  5644. encryption_cipher : 0x0000 (0)
  5645. status : NT_STATUS_MORE_PROCESSING_REQUIRED
  5646. idle_time : Fri Jun 17 06:24:29 2022 UTC
  5647. nonce_high_random : 0x0000000000000000 (0)
  5648. nonce_high_max : 0x0000000000000000 (0)
  5649. nonce_high : 0x0000000000000000 (0)
  5650. nonce_low : 0x0000000000000000 (0)
  5651. tcon_table : *
  5652. homes_snum : 0xffffffff (4294967295)
  5653. pending_auth : NULL
  5654. make_auth3_context_for_ntlm: Making default auth method list for server role = 'standalone server', encrypt passwords = yes
  5655. load_auth_module: Attempting to find an auth method to match anonymous
  5656. load_auth_module: auth method anonymous has a valid init
  5657. load_auth_module: Attempting to find an auth method to match sam_ignoredomain
  5658. load_auth_module: auth method sam_ignoredomain has a valid init
  5659. Starting GENSEC mechanism spnego
  5660. dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_session_global.tdb
  5661. lock order: 1:/var/lock/smbXsrv_session_global.tdb 2:<none> 3:<none> 4:<none>
  5662. db_tdb_log_key: Locking key 7E555992
  5663. db_tdb_fetch_locked_internal: Allocated locked data 0xb6553cc0
  5664. dbwrap_watched_subrec_wakeup_fn: No watchers
  5665. smbXsrv_session_global_store: key '7E555992' stored
  5666. &global_blob: struct smbXsrv_session_globalB
  5667. version : SMBXSRV_VERSION_0 (0)
  5668. seqnum : 0x00000002 (2)
  5669. info : union smbXsrv_session_globalU(case 0)
  5670. info0 : *
  5671. info0: struct smbXsrv_session_global0
  5672. db_rec : *
  5673. session_global_id : 0x7e555992 (2119522706)
  5674. session_wire_id : 0x000000007e555992 (2119522706)
  5675. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5676. expiration_time : Tue Jan 19 03:14:07 2038 UTC
  5677. auth_time : NTTIME(0)
  5678. auth_session_info_seqnum : 0x00000000 (0)
  5679. auth_session_info : NULL
  5680. connection_dialect : 0x0311 (785)
  5681. signing_flags : 0x00 (0)
  5682. 0: SMBXSRV_SIGNING_REQUIRED
  5683. 0: SMBXSRV_PROCESSED_SIGNED_PACKET
  5684. 0: SMBXSRV_PROCESSED_UNSIGNED_PACKET
  5685. encryption_flags : 0x00 (0)
  5686. 0: SMBXSRV_ENCRYPTION_REQUIRED
  5687. 0: SMBXSRV_ENCRYPTION_DESIRED
  5688. 0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
  5689. 0: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
  5690. signing_key : NULL
  5691. encryption_key : NULL
  5692. decryption_key : NULL
  5693. num_channels : 0x00000001 (1)
  5694. channels: ARRAY(1)
  5695. channels: struct smbXsrv_channel_global0
  5696. server_id: struct server_id
  5697. pid : 0x0000000000000b00 (2816)
  5698. task_id : 0x00000000 (0)
  5699. vnn : 0xffffffff (4294967295)
  5700. unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
  5701. channel_id : 0x0000000000000000 (0)
  5702. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5703. local_address : 'ipv4:192.168.1.250:445'
  5704. remote_address : 'ipv4:192.168.1.10:33674'
  5705. remote_name : '192.168.1.10'
  5706. signing_key : NULL
  5707. auth_session_info_seqnum : 0x00000000 (0)
  5708. connection : *
  5709. encryption_cipher : 0x0000 (0)
  5710. dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_session_global.tdb
  5711. db_tdb_log_key: Unlocking key 7E555992
  5712. smbXsrv_session_update: global_id (0x7e555992) stored
  5713. &session_blob: struct smbXsrv_sessionB
  5714. version : SMBXSRV_VERSION_0 (0)
  5715. reserved : 0x00000000 (0)
  5716. info : union smbXsrv_sessionU(case 0)
  5717. info0 : *
  5718. info0: struct smbXsrv_session
  5719. table : *
  5720. db_rec : NULL
  5721. client : *
  5722. local_id : 0x7e555992 (2119522706)
  5723. global : *
  5724. global: struct smbXsrv_session_global0
  5725. db_rec : NULL
  5726. session_global_id : 0x7e555992 (2119522706)
  5727. session_wire_id : 0x000000007e555992 (2119522706)
  5728. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5729. expiration_time : Tue Jan 19 03:14:07 2038 UTC
  5730. auth_time : NTTIME(0)
  5731. auth_session_info_seqnum : 0x00000000 (0)
  5732. auth_session_info : NULL
  5733. connection_dialect : 0x0311 (785)
  5734. signing_flags : 0x00 (0)
  5735. 0: SMBXSRV_SIGNING_REQUIRED
  5736. 0: SMBXSRV_PROCESSED_SIGNED_PACKET
  5737. 0: SMBXSRV_PROCESSED_UNSIGNED_PACKET
  5738. encryption_flags : 0x00 (0)
  5739. 0: SMBXSRV_ENCRYPTION_REQUIRED
  5740. 0: SMBXSRV_ENCRYPTION_DESIRED
  5741. 0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
  5742. 0: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
  5743. signing_key : NULL
  5744. encryption_key : NULL
  5745. decryption_key : NULL
  5746. num_channels : 0x00000001 (1)
  5747. channels: ARRAY(1)
  5748. channels: struct smbXsrv_channel_global0
  5749. server_id: struct server_id
  5750. pid : 0x0000000000000b00 (2816)
  5751. task_id : 0x00000000 (0)
  5752. vnn : 0xffffffff (4294967295)
  5753. unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
  5754. channel_id : 0x0000000000000000 (0)
  5755. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5756. local_address : 'ipv4:192.168.1.250:445'
  5757. remote_address : 'ipv4:192.168.1.10:33674'
  5758. remote_name : '192.168.1.10'
  5759. signing_key : NULL
  5760. auth_session_info_seqnum : 0x00000000 (0)
  5761. connection : *
  5762. encryption_cipher : 0x0000 (0)
  5763. status : NT_STATUS_MORE_PROCESSING_REQUIRED
  5764. idle_time : Fri Jun 17 06:24:29 2022 UTC
  5765. nonce_high_random : 0x0000000000000000 (0)
  5766. nonce_high_max : 0x0000000000000000 (0)
  5767. nonce_high : 0x0000000000000000 (0)
  5768. nonce_low : 0x0000000000000000 (0)
  5769. tcon_table : *
  5770. homes_snum : 0xffffffff (4294967295)
  5771. pending_auth : *
  5772. pending_auth: struct smbXsrv_session_auth0
  5773. prev : *
  5774. next : NULL
  5775. session : *
  5776. connection : *
  5777. gensec : *
  5778. preauth : *
  5779. in_flags : 0x00 (0)
  5780. in_security_mode : 0x01 (1)
  5781. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5782. idle_time : Fri Jun 17 06:24:29 2022 UTC
  5783. channel_id : 0x0000000000000000 (0)
  5784. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  5785. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  5786. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  5787. Security token: (NULL)
  5788. UNIX token of user 0
  5789. Primary group is 0 and contains 0 supplementary groups
  5790. Starting GENSEC submechanism ntlmssp
  5791. Got NTLMSSP neg_flags=0x62088215
  5792. NTLMSSP_NEGOTIATE_UNICODE
  5793. NTLMSSP_REQUEST_TARGET
  5794. NTLMSSP_NEGOTIATE_SIGN
  5795. NTLMSSP_NEGOTIATE_NTLM
  5796. NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  5797. NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
  5798. NTLMSSP_NEGOTIATE_VERSION
  5799. NTLMSSP_NEGOTIATE_128
  5800. NTLMSSP_NEGOTIATE_KEY_EXCH
  5801. negotiate: struct NEGOTIATE_MESSAGE
  5802. Signature : 'NTLMSSP'
  5803. MessageType : NtLmNegotiate (1)
  5804. NegotiateFlags : 0x62088215 (1644724757)
  5805. 1: NTLMSSP_NEGOTIATE_UNICODE
  5806. 0: NTLMSSP_NEGOTIATE_OEM
  5807. 1: NTLMSSP_REQUEST_TARGET
  5808. 1: NTLMSSP_NEGOTIATE_SIGN
  5809. 0: NTLMSSP_NEGOTIATE_SEAL
  5810. 0: NTLMSSP_NEGOTIATE_DATAGRAM
  5811. 0: NTLMSSP_NEGOTIATE_LM_KEY
  5812. 0: NTLMSSP_NEGOTIATE_NETWARE
  5813. 1: NTLMSSP_NEGOTIATE_NTLM
  5814. 0: NTLMSSP_NEGOTIATE_NT_ONLY
  5815. 0: NTLMSSP_ANONYMOUS
  5816. 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
  5817. 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
  5818. 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
  5819. 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  5820. 0: NTLMSSP_TARGET_TYPE_DOMAIN
  5821. 0: NTLMSSP_TARGET_TYPE_SERVER
  5822. 0: NTLMSSP_TARGET_TYPE_SHARE
  5823. 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
  5824. 0: NTLMSSP_NEGOTIATE_IDENTIFY
  5825. 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
  5826. 0: NTLMSSP_NEGOTIATE_TARGET_INFO
  5827. 1: NTLMSSP_NEGOTIATE_VERSION
  5828. 1: NTLMSSP_NEGOTIATE_128
  5829. 1: NTLMSSP_NEGOTIATE_KEY_EXCH
  5830. 0: NTLMSSP_NEGOTIATE_56
  5831. DomainNameLen : 0x0000 (0)
  5832. DomainNameMaxLen : 0x0000 (0)
  5833. DomainName : *
  5834. DomainName : ''
  5835. WorkstationLen : 0x0000 (0)
  5836. WorkstationMaxLen : 0x0000 (0)
  5837. Workstation : *
  5838. Workstation : ''
  5839. Version: struct ntlmssp_VERSION
  5840. ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (6)
  5841. ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (1)
  5842. ProductBuild : 0x0000 (0)
  5843. Reserved: ARRAY(3)
  5844. [0] : 0x00 (0)
  5845. [1] : 0x00 (0)
  5846. [2] : 0x00 (0)
  5847. NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (15)
  5848. short string '', sent with NULL termination despite NOTERM flag in IDL
  5849. challenge: struct CHALLENGE_MESSAGE
  5850. Signature : 'NTLMSSP'
  5851. MessageType : NtLmChallenge (0x2)
  5852. TargetNameLen : 0x000c (12)
  5853. TargetNameMaxLen : 0x000c (12)
  5854. TargetName : *
  5855. TargetName : 'ZALUPA'
  5856. NegotiateFlags : 0x628a8215 (1653244437)
  5857. 1: NTLMSSP_NEGOTIATE_UNICODE
  5858. 0: NTLMSSP_NEGOTIATE_OEM
  5859. 1: NTLMSSP_REQUEST_TARGET
  5860. 1: NTLMSSP_NEGOTIATE_SIGN
  5861. 0: NTLMSSP_NEGOTIATE_SEAL
  5862. 0: NTLMSSP_NEGOTIATE_DATAGRAM
  5863. 0: NTLMSSP_NEGOTIATE_LM_KEY
  5864. 0: NTLMSSP_NEGOTIATE_NETWARE
  5865. 1: NTLMSSP_NEGOTIATE_NTLM
  5866. 0: NTLMSSP_NEGOTIATE_NT_ONLY
  5867. 0: NTLMSSP_ANONYMOUS
  5868. 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
  5869. 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
  5870. 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
  5871. 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  5872. 0: NTLMSSP_TARGET_TYPE_DOMAIN
  5873. 1: NTLMSSP_TARGET_TYPE_SERVER
  5874. 0: NTLMSSP_TARGET_TYPE_SHARE
  5875. 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
  5876. 0: NTLMSSP_NEGOTIATE_IDENTIFY
  5877. 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
  5878. 1: NTLMSSP_NEGOTIATE_TARGET_INFO
  5879. 1: NTLMSSP_NEGOTIATE_VERSION
  5880. 1: NTLMSSP_NEGOTIATE_128
  5881. 1: NTLMSSP_NEGOTIATE_KEY_EXCH
  5882. 0: NTLMSSP_NEGOTIATE_56
  5883. ServerChallenge : f14c1b3240d37380
  5884. Reserved : 0000000000000000
  5885. TargetInfoLen : 0x004c (76)
  5886. TargetInfoMaxLen : 0x004c (76)
  5887. TargetInfo : *
  5888. TargetInfo: struct AV_PAIR_LIST
  5889. count : 0x00000006 (6)
  5890. pair: ARRAY(6)
  5891. pair: struct AV_PAIR
  5892. AvId : MsvAvNbDomainName (0x2)
  5893. AvLen : 0x000c (12)
  5894. Value : union ntlmssp_AvValue(case 0x2)
  5895. AvNbDomainName : 'ZALUPA'
  5896. pair: struct AV_PAIR
  5897. AvId : MsvAvNbComputerName (0x1)
  5898. AvLen : 0x000c (12)
  5899. Value : union ntlmssp_AvValue(case 0x1)
  5900. AvNbComputerName : 'ZALUPA'
  5901. pair: struct AV_PAIR
  5902. AvId : MsvAvDnsDomainName (0x4)
  5903. AvLen : 0x0002 (2)
  5904. Value : union ntlmssp_AvValue(case 0x4)
  5905. AvDnsDomainName : ''
  5906. pair: struct AV_PAIR
  5907. AvId : MsvAvDnsComputerName (0x3)
  5908. AvLen : 0x0012 (18)
  5909. Value : union ntlmssp_AvValue(case 0x3)
  5910. AvDnsComputerName : 'localhost'
  5911. pair: struct AV_PAIR
  5912. AvId : MsvAvTimestamp (0x7)
  5913. AvLen : 0x0008 (8)
  5914. Value : union ntlmssp_AvValue(case 0x7)
  5915. AvTimestamp : Fri Jun 17 06:24:29 2022 UTC
  5916. pair: struct AV_PAIR
  5917. AvId : MsvAvEOL (0x0)
  5918. AvLen : 0x0000 (0)
  5919. Value : union ntlmssp_AvValue(case 0x0)
  5920. Version: struct ntlmssp_VERSION
  5921. ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (0x6)
  5922. ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (0x1)
  5923. ProductBuild : 0x0000 (0)
  5924. Reserved : 000000
  5925. NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (0xF)
  5926. gensec_update_send: ntlmssp[0xb5236bc0]: subreq: 0xb546dc80
  5927. gensec_update_send: spnego[0xb5236a40]: subreq: 0xb59ce370
  5928. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  5929. gensec_update_done: ntlmssp[0xb5236bc0]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0xb546dc80/../../auth/ntlmssp/ntlmssp.c:180]: state[2] error[0 (0x0)] state[struct gensec_ntlmssp_update_state (0xb546dd60)] timer[0] finish[../../auth/ntlmssp/ntlmssp.c:215]
  5930. gensec_update_done: spnego[0xb5236a40]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0xb59ce370/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)] state[struct gensec_spnego_update_state (0xb59ce450)] timer[0] finish[../../auth/gensec/spnego.c:2116]
  5931. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  5932. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  5933. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  5934. Security token: (NULL)
  5935. UNIX token of user 0
  5936. Primary group is 0 and contains 0 supplementary groups
  5937. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  5938. smbd_smb2_request_done_ex: mid [1] idx[1] status[NT_STATUS_MORE_PROCESSING_REQUIRED] body[8] dyn[yes:175] at ../../source3/smbd/smb2_sesssetup.c:183
  5939. smb2_set_operation_credit: smb2_set_operation_credit: requested 8192, charge 1, granted 1, current possible/max 8192/8192, total granted/max/low/range 1/8192/2/1
  5940. smbd_smb2_request idx[1] of 5 vectors
  5941. smb2_validate_sequence_number: smb2_validate_sequence_number: clearing id 2 (position 2) from bitmap
  5942. smbd_smb2_request_dispatch: opcode[SMB2_OP_SESSSETUP] mid = 2
  5943. dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_session_global.tdb
  5944. lock order: 1:/var/lock/smbXsrv_session_global.tdb 2:<none> 3:<none> 4:<none>
  5945. db_tdb_log_key: Locking key 7E555992
  5946. db_tdb_fetch_locked_internal: Allocated locked data 0xb695fe10
  5947. dbwrap_watched_subrec_wakeup_fn: No watchers
  5948. smbXsrv_session_global_store: key '7E555992' stored
  5949. &global_blob: struct smbXsrv_session_globalB
  5950. version : SMBXSRV_VERSION_0 (0)
  5951. seqnum : 0x00000003 (3)
  5952. info : union smbXsrv_session_globalU(case 0)
  5953. info0 : *
  5954. info0: struct smbXsrv_session_global0
  5955. db_rec : *
  5956. session_global_id : 0x7e555992 (2119522706)
  5957. session_wire_id : 0x000000007e555992 (2119522706)
  5958. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5959. expiration_time : Tue Jan 19 03:14:07 2038 UTC
  5960. auth_time : NTTIME(0)
  5961. auth_session_info_seqnum : 0x00000000 (0)
  5962. auth_session_info : NULL
  5963. connection_dialect : 0x0311 (785)
  5964. signing_flags : 0x04 (4)
  5965. 0: SMBXSRV_SIGNING_REQUIRED
  5966. 0: SMBXSRV_PROCESSED_SIGNED_PACKET
  5967. 1: SMBXSRV_PROCESSED_UNSIGNED_PACKET
  5968. encryption_flags : 0x08 (8)
  5969. 0: SMBXSRV_ENCRYPTION_REQUIRED
  5970. 0: SMBXSRV_ENCRYPTION_DESIRED
  5971. 0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
  5972. 1: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
  5973. signing_key : NULL
  5974. encryption_key : NULL
  5975. decryption_key : NULL
  5976. num_channels : 0x00000001 (1)
  5977. channels: ARRAY(1)
  5978. channels: struct smbXsrv_channel_global0
  5979. server_id: struct server_id
  5980. pid : 0x0000000000000b00 (2816)
  5981. task_id : 0x00000000 (0)
  5982. vnn : 0xffffffff (4294967295)
  5983. unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
  5984. channel_id : 0x0000000000000000 (0)
  5985. creation_time : Fri Jun 17 06:24:29 2022 UTC
  5986. local_address : 'ipv4:192.168.1.250:445'
  5987. remote_address : 'ipv4:192.168.1.10:33674'
  5988. remote_name : '192.168.1.10'
  5989. signing_key : NULL
  5990. auth_session_info_seqnum : 0x00000000 (0)
  5991. connection : *
  5992. encryption_cipher : 0x0000 (0)
  5993. dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_session_global.tdb
  5994. db_tdb_log_key: Unlocking key 7E555992
  5995. smbXsrv_session_update: global_id (0x7e555992) stored
  5996. &session_blob: struct smbXsrv_sessionB
  5997. version : SMBXSRV_VERSION_0 (0)
  5998. reserved : 0x00000000 (0)
  5999. info : union smbXsrv_sessionU(case 0)
  6000. info0 : *
  6001. info0: struct smbXsrv_session
  6002. table : *
  6003. db_rec : NULL
  6004. client : *
  6005. local_id : 0x7e555992 (2119522706)
  6006. global : *
  6007. global: struct smbXsrv_session_global0
  6008. db_rec : NULL
  6009. session_global_id : 0x7e555992 (2119522706)
  6010. session_wire_id : 0x000000007e555992 (2119522706)
  6011. creation_time : Fri Jun 17 06:24:29 2022 UTC
  6012. expiration_time : Tue Jan 19 03:14:07 2038 UTC
  6013. auth_time : NTTIME(0)
  6014. auth_session_info_seqnum : 0x00000000 (0)
  6015. auth_session_info : NULL
  6016. connection_dialect : 0x0311 (785)
  6017. signing_flags : 0x04 (4)
  6018. 0: SMBXSRV_SIGNING_REQUIRED
  6019. 0: SMBXSRV_PROCESSED_SIGNED_PACKET
  6020. 1: SMBXSRV_PROCESSED_UNSIGNED_PACKET
  6021. encryption_flags : 0x08 (8)
  6022. 0: SMBXSRV_ENCRYPTION_REQUIRED
  6023. 0: SMBXSRV_ENCRYPTION_DESIRED
  6024. 0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
  6025. 1: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
  6026. signing_key : NULL
  6027. encryption_key : NULL
  6028. decryption_key : NULL
  6029. num_channels : 0x00000001 (1)
  6030. channels: ARRAY(1)
  6031. channels: struct smbXsrv_channel_global0
  6032. server_id: struct server_id
  6033. pid : 0x0000000000000b00 (2816)
  6034. task_id : 0x00000000 (0)
  6035. vnn : 0xffffffff (4294967295)
  6036. unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
  6037. channel_id : 0x0000000000000000 (0)
  6038. creation_time : Fri Jun 17 06:24:29 2022 UTC
  6039. local_address : 'ipv4:192.168.1.250:445'
  6040. remote_address : 'ipv4:192.168.1.10:33674'
  6041. remote_name : '192.168.1.10'
  6042. signing_key : NULL
  6043. auth_session_info_seqnum : 0x00000000 (0)
  6044. connection : *
  6045. encryption_cipher : 0x0000 (0)
  6046. status : NT_STATUS_MORE_PROCESSING_REQUIRED
  6047. idle_time : Fri Jun 17 06:24:29 2022 UTC
  6048. nonce_high_random : 0x0000000000000000 (0)
  6049. nonce_high_max : 0x0000000000000000 (0)
  6050. nonce_high : 0x0000000000000000 (0)
  6051. nonce_low : 0x0000000000000000 (0)
  6052. tcon_table : *
  6053. homes_snum : 0xffffffff (4294967295)
  6054. pending_auth : *
  6055. pending_auth: struct smbXsrv_session_auth0
  6056. prev : *
  6057. next : NULL
  6058. session : *
  6059. connection : *
  6060. gensec : *
  6061. preauth : *
  6062. in_flags : 0x00 (0)
  6063. in_security_mode : 0x01 (1)
  6064. creation_time : Fri Jun 17 06:24:29 2022 UTC
  6065. idle_time : Fri Jun 17 06:24:29 2022 UTC
  6066. channel_id : 0x0000000000000000 (0)
  6067. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  6068. Security token: (NULL)
  6069. UNIX token of user 0
  6070. Primary group is 0 and contains 0 supplementary groups
  6071. change_to_root_user: now uid=(0,0) gid=(0,0)
  6072. dbwrap_lock_order_lock: check lock order 1 for /var/lock/smbXsrv_session_global.tdb
  6073. lock order: 1:/var/lock/smbXsrv_session_global.tdb 2:<none> 3:<none> 4:<none>
  6074. db_tdb_log_key: Locking key 7E555992
  6075. db_tdb_fetch_locked_internal: Allocated locked data 0xb6577c80
  6076. dbwrap_watched_subrec_wakeup_fn: No watchers
  6077. smbXsrv_session_global_store: key '7E555992' stored
  6078. &global_blob: struct smbXsrv_session_globalB
  6079. version : SMBXSRV_VERSION_0 (0)
  6080. seqnum : 0x00000004 (4)
  6081. info : union smbXsrv_session_globalU(case 0)
  6082. info0 : *
  6083. info0: struct smbXsrv_session_global0
  6084. db_rec : *
  6085. session_global_id : 0x7e555992 (2119522706)
  6086. session_wire_id : 0x000000007e555992 (2119522706)
  6087. creation_time : Fri Jun 17 06:24:29 2022 UTC
  6088. expiration_time : Tue Jan 19 03:14:07 2038 UTC
  6089. auth_time : NTTIME(0)
  6090. auth_session_info_seqnum : 0x00000000 (0)
  6091. auth_session_info : NULL
  6092. connection_dialect : 0x0311 (785)
  6093. signing_flags : 0x04 (4)
  6094. 0: SMBXSRV_SIGNING_REQUIRED
  6095. 0: SMBXSRV_PROCESSED_SIGNED_PACKET
  6096. 1: SMBXSRV_PROCESSED_UNSIGNED_PACKET
  6097. encryption_flags : 0x08 (8)
  6098. 0: SMBXSRV_ENCRYPTION_REQUIRED
  6099. 0: SMBXSRV_ENCRYPTION_DESIRED
  6100. 0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
  6101. 1: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
  6102. signing_key : NULL
  6103. encryption_key : NULL
  6104. decryption_key : NULL
  6105. num_channels : 0x00000001 (1)
  6106. channels: ARRAY(1)
  6107. channels: struct smbXsrv_channel_global0
  6108. server_id: struct server_id
  6109. pid : 0x0000000000000b00 (2816)
  6110. task_id : 0x00000000 (0)
  6111. vnn : 0xffffffff (4294967295)
  6112. unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
  6113. channel_id : 0x0000000000000000 (0)
  6114. creation_time : Fri Jun 17 06:24:29 2022 UTC
  6115. local_address : 'ipv4:192.168.1.250:445'
  6116. remote_address : 'ipv4:192.168.1.10:33674'
  6117. remote_name : '192.168.1.10'
  6118. signing_key : NULL
  6119. auth_session_info_seqnum : 0x00000000 (0)
  6120. connection : *
  6121. encryption_cipher : 0x0000 (0)
  6122. dbwrap_lock_order_unlock: release lock order 1 for /var/lock/smbXsrv_session_global.tdb
  6123. db_tdb_log_key: Unlocking key 7E555992
  6124. smbXsrv_session_update: global_id (0x7e555992) stored
  6125. &session_blob: struct smbXsrv_sessionB
  6126. version : SMBXSRV_VERSION_0 (0)
  6127. reserved : 0x00000000 (0)
  6128. info : union smbXsrv_sessionU(case 0)
  6129. info0 : *
  6130. info0: struct smbXsrv_session
  6131. table : *
  6132. db_rec : NULL
  6133. client : *
  6134. local_id : 0x7e555992 (2119522706)
  6135. global : *
  6136. global: struct smbXsrv_session_global0
  6137. db_rec : NULL
  6138. session_global_id : 0x7e555992 (2119522706)
  6139. session_wire_id : 0x000000007e555992 (2119522706)
  6140. creation_time : Fri Jun 17 06:24:29 2022 UTC
  6141. expiration_time : Tue Jan 19 03:14:07 2038 UTC
  6142. auth_time : NTTIME(0)
  6143. auth_session_info_seqnum : 0x00000000 (0)
  6144. auth_session_info : NULL
  6145. connection_dialect : 0x0311 (785)
  6146. signing_flags : 0x04 (4)
  6147. 0: SMBXSRV_SIGNING_REQUIRED
  6148. 0: SMBXSRV_PROCESSED_SIGNED_PACKET
  6149. 1: SMBXSRV_PROCESSED_UNSIGNED_PACKET
  6150. encryption_flags : 0x08 (8)
  6151. 0: SMBXSRV_ENCRYPTION_REQUIRED
  6152. 0: SMBXSRV_ENCRYPTION_DESIRED
  6153. 0: SMBXSRV_PROCESSED_ENCRYPTED_PACKET
  6154. 1: SMBXSRV_PROCESSED_UNENCRYPTED_PACKET
  6155. signing_key : NULL
  6156. encryption_key : NULL
  6157. decryption_key : NULL
  6158. num_channels : 0x00000001 (1)
  6159. channels: ARRAY(1)
  6160. channels: struct smbXsrv_channel_global0
  6161. server_id: struct server_id
  6162. pid : 0x0000000000000b00 (2816)
  6163. task_id : 0x00000000 (0)
  6164. vnn : 0xffffffff (4294967295)
  6165. unique_id : 0x8d1fef0f62ae500e (-8277634740724543474)
  6166. channel_id : 0x0000000000000000 (0)
  6167. creation_time : Fri Jun 17 06:24:29 2022 UTC
  6168. local_address : 'ipv4:192.168.1.250:445'
  6169. remote_address : 'ipv4:192.168.1.10:33674'
  6170. remote_name : '192.168.1.10'
  6171. signing_key : NULL
  6172. auth_session_info_seqnum : 0x00000000 (0)
  6173. connection : *
  6174. encryption_cipher : 0x0000 (0)
  6175. status : NT_STATUS_MORE_PROCESSING_REQUIRED
  6176. idle_time : Fri Jun 17 06:24:29 2022 UTC
  6177. nonce_high_random : 0x0000000000000000 (0)
  6178. nonce_high_max : 0x0000000000000000 (0)
  6179. nonce_high : 0x0000000000000000 (0)
  6180. nonce_low : 0x0000000000000000 (0)
  6181. tcon_table : *
  6182. homes_snum : 0xffffffff (4294967295)
  6183. pending_auth : *
  6184. pending_auth: struct smbXsrv_session_auth0
  6185. prev : *
  6186. next : NULL
  6187. session : *
  6188. connection : *
  6189. gensec : *
  6190. preauth : *
  6191. in_flags : 0x00 (0)
  6192. in_security_mode : 0x01 (1)
  6193. creation_time : Fri Jun 17 06:24:29 2022 UTC
  6194. idle_time : Fri Jun 17 06:24:29 2022 UTC
  6195. channel_id : 0x0000000000000000 (0)
  6196. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  6197. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  6198. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  6199. Security token: (NULL)
  6200. UNIX token of user 0
  6201. Primary group is 0 and contains 0 supplementary groups
  6202. short string '', sent with NULL termination despite NOTERM flag in IDL
  6203. authenticate: struct AUTHENTICATE_MESSAGE
  6204. Signature : 'NTLMSSP'
  6205. MessageType : NtLmAuthenticate (3)
  6206. LmChallengeResponseLen : 0x0018 (24)
  6207. LmChallengeResponseMaxLen: 0x0018 (24)
  6208. LmChallengeResponse : *
  6209. LmChallengeResponse : union ntlmssp_LM_RESPONSE_with_len(case 24)
  6210. v1: struct LM_RESPONSE
  6211. Response : 000000000000000000000000000000000000000000000000
  6212. NtChallengeResponseLen : 0x00f0 (240)
  6213. NtChallengeResponseMaxLen: 0x00f0 (240)
  6214. NtChallengeResponse : *
  6215. NtChallengeResponse : union ntlmssp_NTLM_RESPONSE_with_len(case 240)
  6216. v2: struct NTLMv2_RESPONSE
  6217. Response : f56c39cd9bbed52f265fe8e89441d11b
  6218. Challenge: struct NTLMv2_CLIENT_CHALLENGE
  6219. RespType : 0x01 (1)
  6220. HiRespType : 0x01 (1)
  6221. Reserved1 : 0x0000 (0)
  6222. Reserved2 : 0x00000000 (0)
  6223. TimeStamp : Fri Jun 17 06:24:29 2022 UTC
  6224. ChallengeFromClient : 1e4cc3a1d73513c2
  6225. Reserved3 : 0x00000000 (0)
  6226. AvPairs: struct AV_PAIR_LIST
  6227. count : 0x0000000a (10)
  6228. pair: ARRAY(10)
  6229. pair: struct AV_PAIR
  6230. AvId : MsvAvNbDomainName (0x2)
  6231. AvLen : 0x000c (12)
  6232. Value : union ntlmssp_AvValue(case 0x2)
  6233. AvNbDomainName : 'ZALUPA'
  6234. pair: struct AV_PAIR
  6235. AvId : MsvAvNbComputerName (0x1)
  6236. AvLen : 0x000c (12)
  6237. Value : union ntlmssp_AvValue(case 0x1)
  6238. AvNbComputerName : 'ZALUPA'
  6239. pair: struct AV_PAIR
  6240. AvId : MsvAvDnsDomainName (0x4)
  6241. AvLen : 0x0002 (2)
  6242. Value : union ntlmssp_AvValue(case 0x4)
  6243. AvDnsDomainName : ''
  6244. pair: struct AV_PAIR
  6245. AvId : MsvAvDnsComputerName (0x3)
  6246. AvLen : 0x0012 (18)
  6247. Value : union ntlmssp_AvValue(case 0x3)
  6248. AvDnsComputerName : 'localhost'
  6249. pair: struct AV_PAIR
  6250. AvId : MsvAvTimestamp (0x7)
  6251. AvLen : 0x0008 (8)
  6252. Value : union ntlmssp_AvValue(case 0x7)
  6253. AvTimestamp : Fri Jun 17 06:24:29 2022 UTC
  6254. pair: struct AV_PAIR
  6255. AvId : MsvAvFlags (0x6)
  6256. AvLen : 0x0004 (4)
  6257. Value : union ntlmssp_AvValue(case 0x6)
  6258. AvFlags : 0x00000002 (2)
  6259. 0: NTLMSSP_AVFLAG_CONSTRAINTED_ACCOUNT
  6260. 1: NTLMSSP_AVFLAG_MIC_IN_AUTHENTICATE_MESSAGE
  6261. 0: NTLMSSP_AVFLAG_TARGET_SPN_FROM_UNTRUSTED_SOURCE
  6262. pair: struct AV_PAIR
  6263. AvId : MsvAvSingleHost (0x8)
  6264. AvLen : 0x0030 (48)
  6265. Value : union ntlmssp_AvValue(case 0x8)
  6266. AvSingleHost: struct ntlmssp_SingleHostData
  6267. Size : 0x00000030 (48)
  6268. Z4 : 0x00000000 (0)
  6269. token_info: struct LSAP_TOKEN_INFO_INTEGRITY
  6270. Flags : 0x00000000 (0)
  6271. TokenIL : 0x00000000 (0)
  6272. MachineId : 7969e1bb5a679eabae86f2535f1149654f4926a205ea239f17fb49c576bba7f3
  6273. remaining : DATA_BLOB length=0
  6274. pair: struct AV_PAIR
  6275. AvId : MsvChannelBindings (0xA)
  6276. AvLen : 0x0010 (16)
  6277. Value : union ntlmssp_AvValue(case 0xA)
  6278. ChannelBindings : 00000000000000000000000000000000
  6279. pair: struct AV_PAIR
  6280. AvId : MsvAvTargetName (0x9)
  6281. AvLen : 0x0024 (36)
  6282. Value : union ntlmssp_AvValue(case 0x9)
  6283. AvTargetName : 'cifs/192.168.1.250'
  6284. pair: struct AV_PAIR
  6285. AvId : MsvAvEOL (0x0)
  6286. AvLen : 0x0000 (0)
  6287. Value : union ntlmssp_AvValue(case 0x0)
  6288. DomainNameLen : 0x0012 (18)
  6289. DomainNameMaxLen : 0x0012 (18)
  6290. DomainName : *
  6291. DomainName : 'WORKGROUP'
  6292. UserNameLen : 0x0010 (16)
  6293. UserNameMaxLen : 0x0010 (16)
  6294. UserName : *
  6295. UserName : 'useruser'
  6296. WorkstationLen : 0x000c (12)
  6297. WorkstationMaxLen : 0x000c (12)
  6298. Workstation : *
  6299. Workstation : 'LINUPS'
  6300. EncryptedRandomSessionKeyLen: 0x0010 (16)
  6301. EncryptedRandomSessionKeyMaxLen: 0x0010 (16)
  6302. EncryptedRandomSessionKey: *
  6303. EncryptedRandomSessionKey: DATA_BLOB length=16
  6304. [0000] DA 03 29 AB 2B 8D 6C 14 78 71 62 A7 E6 96 E9 DD ..).+.l. xqb.....
  6305. NegotiateFlags : 0x62088215 (1644724757)
  6306. 1: NTLMSSP_NEGOTIATE_UNICODE
  6307. 0: NTLMSSP_NEGOTIATE_OEM
  6308. 1: NTLMSSP_REQUEST_TARGET
  6309. 1: NTLMSSP_NEGOTIATE_SIGN
  6310. 0: NTLMSSP_NEGOTIATE_SEAL
  6311. 0: NTLMSSP_NEGOTIATE_DATAGRAM
  6312. 0: NTLMSSP_NEGOTIATE_LM_KEY
  6313. 0: NTLMSSP_NEGOTIATE_NETWARE
  6314. 1: NTLMSSP_NEGOTIATE_NTLM
  6315. 0: NTLMSSP_NEGOTIATE_NT_ONLY
  6316. 0: NTLMSSP_ANONYMOUS
  6317. 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
  6318. 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
  6319. 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
  6320. 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  6321. 0: NTLMSSP_TARGET_TYPE_DOMAIN
  6322. 0: NTLMSSP_TARGET_TYPE_SERVER
  6323. 0: NTLMSSP_TARGET_TYPE_SHARE
  6324. 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
  6325. 0: NTLMSSP_NEGOTIATE_IDENTIFY
  6326. 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
  6327. 0: NTLMSSP_NEGOTIATE_TARGET_INFO
  6328. 1: NTLMSSP_NEGOTIATE_VERSION
  6329. 1: NTLMSSP_NEGOTIATE_128
  6330. 1: NTLMSSP_NEGOTIATE_KEY_EXCH
  6331. 0: NTLMSSP_NEGOTIATE_56
  6332. Version: struct ntlmssp_VERSION
  6333. ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (6)
  6334. ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (1)
  6335. ProductBuild : 0x0000 (0)
  6336. Reserved: ARRAY(3)
  6337. [0] : 0x00 (0)
  6338. [1] : 0x00 (0)
  6339. [2] : 0x00 (0)
  6340. NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (15)
  6341. Got user=[useruser] domain=[WORKGROUP] workstation=[LINUPS] len1=24 len2=240
  6342. short string '', sent with NULL termination despite NOTERM flag in IDL
  6343. &v2_resp: struct NTLMv2_RESPONSE
  6344. Response : f56c39cd9bbed52f265fe8e89441d11b
  6345. Challenge: struct NTLMv2_CLIENT_CHALLENGE
  6346. RespType : 0x01 (1)
  6347. HiRespType : 0x01 (1)
  6348. Reserved1 : 0x0000 (0)
  6349. Reserved2 : 0x00000000 (0)
  6350. TimeStamp : Fri Jun 17 06:24:29 2022 UTC
  6351. ChallengeFromClient : 1e4cc3a1d73513c2
  6352. Reserved3 : 0x00000000 (0)
  6353. AvPairs: struct AV_PAIR_LIST
  6354. count : 0x0000000a (10)
  6355. pair: ARRAY(10)
  6356. pair: struct AV_PAIR
  6357. AvId : MsvAvNbDomainName (0x2)
  6358. AvLen : 0x000c (12)
  6359. Value : union ntlmssp_AvValue(case 0x2)
  6360. AvNbDomainName : 'ZALUPA'
  6361. pair: struct AV_PAIR
  6362. AvId : MsvAvNbComputerName (0x1)
  6363. AvLen : 0x000c (12)
  6364. Value : union ntlmssp_AvValue(case 0x1)
  6365. AvNbComputerName : 'ZALUPA'
  6366. pair: struct AV_PAIR
  6367. AvId : MsvAvDnsDomainName (0x4)
  6368. AvLen : 0x0002 (2)
  6369. Value : union ntlmssp_AvValue(case 0x4)
  6370. AvDnsDomainName : ''
  6371. pair: struct AV_PAIR
  6372. AvId : MsvAvDnsComputerName (0x3)
  6373. AvLen : 0x0012 (18)
  6374. Value : union ntlmssp_AvValue(case 0x3)
  6375. AvDnsComputerName : 'localhost'
  6376. pair: struct AV_PAIR
  6377. AvId : MsvAvTimestamp (0x7)
  6378. AvLen : 0x0008 (8)
  6379. Value : union ntlmssp_AvValue(case 0x7)
  6380. AvTimestamp : Fri Jun 17 06:24:29 2022 UTC
  6381. pair: struct AV_PAIR
  6382. AvId : MsvAvFlags (0x6)
  6383. AvLen : 0x0004 (4)
  6384. Value : union ntlmssp_AvValue(case 0x6)
  6385. AvFlags : 0x00000002 (2)
  6386. 0: NTLMSSP_AVFLAG_CONSTRAINTED_ACCOUNT
  6387. 1: NTLMSSP_AVFLAG_MIC_IN_AUTHENTICATE_MESSAGE
  6388. 0: NTLMSSP_AVFLAG_TARGET_SPN_FROM_UNTRUSTED_SOURCE
  6389. pair: struct AV_PAIR
  6390. AvId : MsvAvSingleHost (0x8)
  6391. AvLen : 0x0030 (48)
  6392. Value : union ntlmssp_AvValue(case 0x8)
  6393. AvSingleHost: struct ntlmssp_SingleHostData
  6394. Size : 0x00000030 (48)
  6395. Z4 : 0x00000000 (0)
  6396. token_info: struct LSAP_TOKEN_INFO_INTEGRITY
  6397. Flags : 0x00000000 (0)
  6398. TokenIL : 0x00000000 (0)
  6399. MachineId : 7969e1bb5a679eabae86f2535f1149654f4926a205ea239f17fb49c576bba7f3
  6400. remaining : DATA_BLOB length=0
  6401. pair: struct AV_PAIR
  6402. AvId : MsvChannelBindings (0xA)
  6403. AvLen : 0x0010 (16)
  6404. Value : union ntlmssp_AvValue(case 0xA)
  6405. ChannelBindings : 00000000000000000000000000000000
  6406. pair: struct AV_PAIR
  6407. AvId : MsvAvTargetName (0x9)
  6408. AvLen : 0x0024 (36)
  6409. Value : union ntlmssp_AvValue(case 0x9)
  6410. AvTargetName : 'cifs/192.168.1.250'
  6411. pair: struct AV_PAIR
  6412. AvId : MsvAvEOL (0x0)
  6413. AvLen : 0x0000 (0)
  6414. Value : union ntlmssp_AvValue(case 0x0)
  6415. Mapping user [WORKGROUP]\[useruser] from workstation [LINUPS]
  6416. attempting to make a user_info for useruser (useruser)
  6417. making strings for useruser's user_info struct
  6418. making blobs for useruser's user_info struct
  6419. made a user_info for useruser (useruser)
  6420. check_ntlm_password: Checking password for unmapped user [WORKGROUP]\[useruser]@[LINUPS] with the new password interface
  6421. check_ntlm_password: mapped user is: [WORKGROUP]\[useruser]@[LINUPS]
  6422. check_ntlm_password: auth_context challenge created by random
  6423. challenge is:
  6424. [0000] F1 4C 1B 32 40 D3 73 80 [email protected].
  6425. Check auth for: [useruser]
  6426. auth_check_ntlm_password: anonymous had nothing to say
  6427. auth_sam_ignoredomain_auth: Check auth for: [WORKGROUP]\[useruser]
  6428. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  6429. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  6430. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  6431. Security token: (NULL)
  6432. UNIX token of user 0
  6433. Primary group is 0 and contains 0 supplementary groups
  6434. getsampwnam (smbpasswd): search by name: useruser
  6435. startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
  6436. getsmbfilepwent: skipping comment or blank line
  6437. getsmbfilepwent: LM password for user nobody invalidated
  6438. getsmbfilepwent: returning passwd entry for user nobody, uid 0
  6439. getsmbfilepwent: LM password for user useruser invalidated
  6440. getsmbfilepwent: returning passwd entry for user useruser, uid 65533
  6441. endsmbfilepwent_internal: closed password file.
  6442. getsampwnam (smbpasswd): found by name: useruser
  6443. Finding user useruser
  6444. Trying _Get_Pwnam(), username as lowercase is useruser
  6445. Get_Pwnam_internals did find user [useruser]!
  6446. pdb_set_username: setting username useruser, was
  6447. pdb_set_full_name: setting full name nobody, was
  6448. pdb_set_domain: setting domain ZALUPA, was
  6449. Home server: ZALUPA
  6450. pdb_set_profile_path: setting profile path \\ZALUPA\useruser\profile, was
  6451. Home server: ZALUPA
  6452. pdb_set_homedir: setting home dir \\ZALUPA\useruser, was
  6453. pdb_set_dir_drive: setting dir drive , was NULL
  6454. pdb_set_logon_script: setting logon script , was
  6455. pdb_set_user_sid: setting user sid S-1-5-21-3939785350-4027435424-1589595352-132066
  6456. pdb_set_user_sid_from_rid:
  6457. setting user sid S-1-5-21-3939785350-4027435424-1589595352-132066 from rid 132066
  6458. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
  6459. push_conn_ctx(0) : conn_ctx_stack_ndx = 2
  6460. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
  6461. Security token: (NULL)
  6462. UNIX token of user 0
  6463. Primary group is 0 and contains 0 supplementary groups
  6464. account_policy_get: name: maximum password age, val: -1
  6465. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
  6466. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
  6467. push_conn_ctx(0) : conn_ctx_stack_ndx = 2
  6468. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
  6469. Security token: (NULL)
  6470. UNIX token of user 0
  6471. Primary group is 0 and contains 0 supplementary groups
  6472. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
  6473. xid_to_sid: GID 65534 -> S-1-22-2-65534 fallback
  6474. Forcing Primary Group to 'Domain Users' for useruser
  6475. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
  6476. push_conn_ctx(0) : conn_ctx_stack_ndx = 2
  6477. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
  6478. Security token: (NULL)
  6479. UNIX token of user 0
  6480. Primary group is 0 and contains 0 supplementary groups
  6481. account_policy_get: name: password history, val: 0
  6482. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
  6483. pdb_set_username: setting username useruser, was
  6484. pdb_set_domain: setting domain ZALUPA, was
  6485. pdb_set_nt_username: setting nt username , was
  6486. pdb_set_full_name: setting full name nobody, was
  6487. Home server: ZALUPA
  6488. pdb_set_homedir: setting home dir \\ZALUPA\useruser, was
  6489. pdb_set_dir_drive: setting dir drive , was NULL
  6490. pdb_set_logon_script: setting logon script , was
  6491. Home server: ZALUPA
  6492. pdb_set_profile_path: setting profile path \\ZALUPA\useruser\profile, was
  6493. pdb_set_workstations: setting workstations , was
  6494. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
  6495. push_conn_ctx(0) : conn_ctx_stack_ndx = 2
  6496. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
  6497. Security token: (NULL)
  6498. UNIX token of user 0
  6499. Primary group is 0 and contains 0 supplementary groups
  6500. account_policy_get: name: password history, val: 0
  6501. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
  6502. pdb_set_user_sid: setting user sid S-1-5-21-3939785350-4027435424-1589595352-132066
  6503. pdb_set_user_sid_from_rid:
  6504. setting user sid S-1-5-21-3939785350-4027435424-1589595352-132066 from rid 132066
  6505. pdb_set_group_sid: setting group sid S-1-5-21-3939785350-4027435424-1589595352-513
  6506. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  6507. ntlm_password_check: Checking NTLMv2 password with domain [WORKGROUP]
  6508. sam_account_ok: Checking SMB password for user useruser
  6509. logon_hours_ok: user useruser allowed to logon at this time (Fri Jun 17 06:24:28 2022
  6510. )
  6511. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  6512. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  6513. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  6514. Security token: (NULL)
  6515. UNIX token of user 0
  6516. Primary group is 0 and contains 0 supplementary groups
  6517. account_policy_get: name: maximum password age, val: -1
  6518. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  6519. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  6520. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  6521. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  6522. Security token: (NULL)
  6523. UNIX token of user 0
  6524. Primary group is 0 and contains 0 supplementary groups
  6525. Finding user useruser
  6526. Trying _Get_Pwnam(), username as lowercase is useruser
  6527. Get_Pwnam_internals did find user [useruser]!
  6528. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
  6529. push_conn_ctx(0) : conn_ctx_stack_ndx = 2
  6530. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
  6531. Security token: (NULL)
  6532. UNIX token of user 0
  6533. Primary group is 0 and contains 0 supplementary groups
  6534. account_policy_get: name: minimum password age, val: 0
  6535. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
  6536. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
  6537. push_conn_ctx(0) : conn_ctx_stack_ndx = 2
  6538. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
  6539. Security token: (NULL)
  6540. UNIX token of user 0
  6541. Primary group is 0 and contains 0 supplementary groups
  6542. account_policy_get: name: maximum password age, val: -1
  6543. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
  6544. Finding user useruser
  6545. Trying _Get_Pwnam(), username as lowercase is useruser
  6546. Get_Pwnam_internals did find user [useruser]!
  6547. sys_getgrouplist: user [useruser]
  6548. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
  6549. push_conn_ctx(0) : conn_ctx_stack_ndx = 2
  6550. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
  6551. Security token: (NULL)
  6552. UNIX token of user 0
  6553. Primary group is 0 and contains 0 supplementary groups
  6554. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
  6555. xid_to_sid: GID 65534 -> S-1-22-2-65534 fallback
  6556. make_server_info_sam: made server info for user useruser -> useruser
  6557. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  6558. auth_check_ntlm_password: sam_ignoredomain authentication for user [useruser] succeeded
  6559. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  6560. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  6561. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  6562. Security token: (NULL)
  6563. UNIX token of user 0
  6564. Primary group is 0 and contains 0 supplementary groups
  6565. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  6566. check_ntlm_password: PAM Account for user [useruser] succeeded
  6567. messaging_dgm_send: Sending message to 2815
  6568. messaging_recv_cb: Received message 0x314 len 0 (num_fds:0) from 2812
  6569. messaging_dgm_cleanup: Cleaning up : No error information
  6570. smbd_cleanupd_process_exited: cleaned up pid 2816