Hello all,
i hope you can help me. I have successfully set up a connection with
samba to my domain controller. What works:
* wbinfo -u / wbinfo -g
* wbinfo -a
* bet ads info
i hope you can help me! thank you!
===========net ads info
LDAP server: 10.40.130.10
LDAP server name: sv1-dc01p.pfw.local
Realm: PFW.LOCAL
Bind Path: dc=PFW,dc=LOCAL
LDAP port: 389
Server time: Sat, 17 Jul 2021 13:32:03 CEST
KDC server: 10.40.130.10
Server time offset: 0
Last machine account password change: Sat, 17 Jul 2021 10:55:08 CEST
==========
=======wbinfo -a srvadmsar
Enter srvadmsar's password:
plaintext password authentication succeeded
Enter srvadmsar's password:
challenge/response password authentication succeeded
======
when i try to connect with smbclient and a domain user i get the error
SPNEGO login failed: The attempted logon is invalid. This is either
due to a bad username or authentication information.
session setup failed: NT_STATUS_LOGON_FAILURE
in the Logfiles ob the samba server i get a NT_STATUS_OK (when i join
with a domain joined windows system, i get NT_STATUS_OK, but windows
then wants a username and password.
below you can find the logs from /var/log/samba/*
i hope you can help me, i am trying for hours...
==> /var/log/samba/log.127.0.0.1 <=[2021/07/17 13:38:05.792287, 5]
../../source3/param/loadparm.c:1396(free_service)
free_service: Freeing service shareshare
[2021/07/17 13:38:05.792319, 5]
../../source3/param/loadparm.c:1396(free_service)
free_service: Freeing service IPC$
[2021/07/17 13:38:05.792339, 3] ../../source3/param/loadparm.c:3945(lp_load_ex)
lp_load_ex: refreshing parameters
[2021/07/17 13:38:05.792349, 5]
../../source3/param/loadparm.c:1371(free_param_opts)
Freeing parametrics:
[2021/07/17 13:38:05.792434, 3]
../../source3/param/loadparm.c:551(init_globals)
Initialising global parameters
[2021/07/17 13:38:05.792535, 3]
../../source3/param/loadparm.c:2847(lp_do_section)
Processing section "[global]"
doing parameter workgroup = PFW
doing parameter realm = PFW.LOCAL
doing parameter security = ads
doing parameter password server = 10.40.130.10
doing parameter idmap config * : backend = autorid
doing parameter idmap config * : range = 100000-19999999
doing parameter idmap config * : rangesize = 1000000
doing parameter template homedir = /home/%D/%U
doing parameter template shell = /bin/bash
doing parameter winbind use default domain = true
doing parameter ntlm auth = yes
doing parameter winbind offline logon = true
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 50
doing parameter log level = 5
[2021/07/17 13:38:05.792740, 5] ../../lib/util/debug.c:811(debug_dump_status)
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5
idmap: 5
quota: 5
acls: 5
locking: 5
msdfs: 5
dmapi: 5
registry: 5
scavenger: 5
dns: 5
ldb: 5
tevent: 5
auth_audit: 5
auth_json_audit: 5
kerberos: 5
drs_repl: 5
smb2: 5
smb2_credits: 5
dsdb_audit: 5
dsdb_json_audit: 5
dsdb_password_audit: 5
dsdb_password_json_audit: 5
dsdb_transaction_audit: 5
dsdb_transaction_json_audit: 5
dsdb_group_audit: 5
dsdb_group_json_audit: 5
doing parameter load printers = no
[2021/07/17 13:38:05.792873, 2]
../../source3/param/loadparm.c:2864(lp_do_section)
Processing section "[shareshare]"
doing parameter path = /storage/share
doing parameter browsable = yes
doing parameter writable = yes
doing parameter read only = no
doing parameter guest ok = yes
doing parameter valid users = PFW\SRVADMSAR
[2021/07/17 13:38:05.792992, 4] ../../source3/param/loadparm.c:3987(lp_load_ex)
pm_process() returned Yes
[2021/07/17 13:38:05.793023, 3] ../../source3/param/loadparm.c:1648(lp_add_ipc)
adding IPC service
[2021/07/17 13:38:05.793057, 5] ../../lib/util/debug.c:811(debug_dump_status)
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5
idmap: 5
quota: 5
acls: 5
locking: 5
msdfs: 5
dmapi: 5
registry: 5
scavenger: 5
dns: 5
ldb: 5
tevent: 5
auth_audit: 5
auth_json_audit: 5
kerberos: 5
drs_repl: 5
smb2: 5
smb2_credits: 5
dsdb_audit: 5
dsdb_json_audit: 5
dsdb_password_audit: 5
dsdb_password_json_audit: 5
dsdb_transaction_audit: 5
dsdb_transaction_json_audit: 5
dsdb_group_audit: 5
dsdb_group_json_audit: 5
[2021/07/17 13:38:05.793459, 2]
../../source3/lib/interface.c:345(add_interface)
added interface ens192 ip=192.168.110.104 bcast=192.168.110.255
netmask=255.255.255.0
[2021/07/17 13:38:05.793493, 5]
../../lib/util/util_net.c:1058(print_socket_options)
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_REUSEPORT = 1
SO_SNDBUF = 2626560
SO_RCVBUF = 1061488
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
[2021/07/17 13:38:05.793563, 5]
../../lib/util/util_net.c:1058(print_socket_options)
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_REUSEPORT = 1
SO_SNDBUF = 2626560
SO_RCVBUF = 1061488
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
[2021/07/17 13:38:05.793659, 3] ../../source3/smbd/oplock.c:1427(init_oplocks)
init_oplocks: initializing messages.
[2021/07/17 13:38:05.793672, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 774 - private_data=0x55fecf175270
[2021/07/17 13:38:05.793681, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 778 - private_data=0x55fecf175270
[2021/07/17 13:38:05.793692, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 770 - private_data=0x55fecf175270
[2021/07/17 13:38:05.793700, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 801 - private_data=0x55fecf175270
[2021/07/17 13:38:05.793706, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 787 - private_data=0x55fecf175270
[2021/07/17 13:38:05.793713, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 779 - private_data=0x55fecf175270
[2021/07/17 13:38:05.793723, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 15 - private_data=(nil)
[2021/07/17 13:38:05.793740, 5]
../../source3/lib/messages.c:740(messaging_register)
Overriding messaging pointer for type 15 - private_data=(nil)
[2021/07/17 13:38:05.793751, 5]
../../source3/lib/messages.c:772(messaging_deregister)
Deregistering messaging pointer for type 16 - private_data=(nil)
[2021/07/17 13:38:05.793762, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 16 - private_data=0x55fecf175270
[2021/07/17 13:38:05.793773, 5]
../../source3/lib/messages.c:772(messaging_deregister)
Deregistering messaging pointer for type 33 - private_data=0x55fecf14d350
[2021/07/17 13:38:05.793783, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 33 - private_data=0x55fecf175270
[2021/07/17 13:38:05.793793, 5]
../../source3/lib/messages.c:772(messaging_deregister)
Deregistering messaging pointer for type 790 - private_data=(nil)
[2021/07/17 13:38:05.793804, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 790 - private_data=0x55fecf175270
[2021/07/17 13:38:05.793815, 5]
../../source3/lib/messages.c:772(messaging_deregister)
Deregistering messaging pointer for type 791 - private_data=(nil)
[2021/07/17 13:38:05.793826, 5]
../../source3/lib/messages.c:772(messaging_deregister)
Deregistering messaging pointer for type 1 - private_data=(nil)
[2021/07/17 13:38:05.793836, 5]
../../source3/lib/messages.c:725(messaging_register)
Registering messaging pointer for type 1 - private_data=(nil)
[2021/07/17 13:38:05.793889, 3] ../../source3/smbd/process.c:1957(process_smb)
Transaction 0 of length 214 (0 toread)
[2021/07/17 13:38:05.793943, 4]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2021/07/17 13:38:05.793963, 5]
../../libcli/security/security_token.c:52(security_token_debug)
Security token: (NULL)
[2021/07/17 13:38:05.793979, 5]
../../source3/auth/token_util.c:874(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2021/07/17 13:38:05.794013, 5]
../../source3/smbd/uid.c:494(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2021/07/17 13:38:05.794036, 4] ../../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2021/07/17 13:38:05.794045, 4] ../../source3/smbd/uid.c:562(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2021/07/17 13:38:05.794056, 4]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2021/07/17 13:38:05.794064, 5]
../../libcli/security/security_token.c:52(security_token_debug)
Security token: (NULL)
[2021/07/17 13:38:05.794070, 5]
../../source3/auth/token_util.c:874(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2021/07/17 13:38:05.794125, 4] ../../source3/smbd/sec_ctx.c:438(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2021/07/17 13:38:05.794151, 5] ../../lib/util/debug.c:811(debug_dump_status)
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5
idmap: 5
quota: 5
acls: 5
locking: 5
msdfs: 5
dmapi: 5
registry: 5
scavenger: 5
dns: 5
ldb: 5
tevent: 5
auth_audit: 5
auth_json_audit: 5
kerberos: 5
drs_repl: 5
smb2: 5
smb2_credits: 5
dsdb_audit: 5
dsdb_json_audit: 5
dsdb_password_audit: 5
dsdb_password_json_audit: 5
dsdb_transaction_audit: 5
dsdb_transaction_json_audit: 5
dsdb_group_audit: 5
dsdb_group_json_audit: 5
[2021/07/17 13:38:05.794366, 3]
../../source3/smbd/smb2_negprot.c:293(smbd_smb2_request_process_negprot)
Selected protocol SMB3_11
[2021/07/17 13:38:05.794393, 5]
../../source3/auth/auth.c:540(make_auth3_context_for_ntlm)
Making default auth method list for server role = 'domain member'
[2021/07/17 13:38:05.794417, 5] ../../source3/auth/auth.c:51(smb_register_auth)
Attempting to register auth backend anonymous
[2021/07/17 13:38:05.794436, 5] ../../source3/auth/auth.c:63(smb_register_auth)
Successfully added auth method 'anonymous'
[2021/07/17 13:38:05.794450, 5] ../../source3/auth/auth.c:51(smb_register_auth)
Attempting to register auth backend sam
[2021/07/17 13:38:05.794467, 5] ../../source3/auth/auth.c:63(smb_register_auth)
Successfully added auth method 'sam'
[2021/07/17 13:38:05.794480, 5] ../../source3/auth/auth.c:51(smb_register_auth)
Attempting to register auth backend sam_ignoredomain
[2021/07/17 13:38:05.794493, 5] ../../source3/auth/auth.c:63(smb_register_auth)
Successfully added auth method 'sam_ignoredomain'
[2021/07/17 13:38:05.794501, 5] ../../source3/auth/auth.c:51(smb_register_auth)
Attempting to register auth backend sam_netlogon3
[2021/07/17 13:38:05.794517, 5] ../../source3/auth/auth.c:63(smb_register_auth)
Successfully added auth method 'sam_netlogon3'
[2021/07/17 13:38:05.794529, 5] ../../source3/auth/auth.c:51(smb_register_auth)
Attempting to register auth backend winbind
[2021/07/17 13:38:05.794539, 5] ../../source3/auth/auth.c:63(smb_register_auth)
Successfully added auth method 'winbind'
[2021/07/17 13:38:05.794549, 5] ../../source3/auth/auth.c:425(load_auth_module)
load_auth_module: Attempting to find an auth method to match anonymous
[2021/07/17 13:38:05.794560, 5] ../../source3/auth/auth.c:450(load_auth_module)
load_auth_module: auth method anonymous has a valid init
[2021/07/17 13:38:05.794571, 5] ../../source3/auth/auth.c:425(load_auth_module)
load_auth_module: Attempting to find an auth method to match sam
[2021/07/17 13:38:05.794582, 5] ../../source3/auth/auth.c:450(load_auth_module)
load_auth_module: auth method sam has a valid init
[2021/07/17 13:38:05.794593, 5] ../../source3/auth/auth.c:425(load_auth_module)
load_auth_module: Attempting to find an auth method to match winbind
[2021/07/17 13:38:05.794604, 5] ../../source3/auth/auth.c:450(load_auth_module)
load_auth_module: auth method winbind has a valid init
[2021/07/17 13:38:05.794611, 5] ../../source3/auth/auth.c:425(load_auth_module)
load_auth_module: Attempting to find an auth method to match sam_ignoredomain
[2021/07/17 13:38:05.794617, 5] ../../source3/auth/auth.c:450(load_auth_module)
load_auth_module: auth method sam_ignoredomain has a valid init
[2021/07/17 13:38:05.794730, 5]
../../auth/gensec/gensec_start.c:849(gensec_start_mech)
Starting GENSEC mechanism spnego
[2021/07/17 13:38:05.794813, 5]
../../auth/gensec/gensec_start.c:849(gensec_start_mech)
Starting GENSEC submechanism gse_krb5
==> /var/log/samba/log.smbd <=[2021/07/17 13:38:05.791006, 2]
../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)
Registered MSG_REQ_POOL_USAGE
[2021/07/17 13:38:05.791086, 5]
../../source3/passdb/pdb_interface.c:155(make_pdb_method_name)
Attempting to find a passdb backend to match tdbsam (tdbsam)
[2021/07/17 13:38:05.791103, 5]
../../source3/passdb/pdb_interface.c:176(make_pdb_method_name)
Found pdb backend tdbsam
[2021/07/17 13:38:05.791143, 5]
../../source3/passdb/pdb_interface.c:187(make_pdb_method_name)
pdb backend tdbsam has a valid init
[2021/07/17 13:38:05.791248, 5]
../../lib/util/util_net.c:1058(print_socket_options)
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_REUSEPORT = 1
SO_SNDBUF = 2626560
SO_RCVBUF = 1061488
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
[2021/07/17 13:38:05.791344, 5]
../../lib/util/util_net.c:1058(print_socket_options)
Socket options:
SO_KEEPALIVE = 1
SO_REUSEADDR = 1
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_REUSEPORT = 1
SO_SNDBUF = 2626560
SO_RCVBUF = 1061488
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
TCP_USER_TIMEOUT = 0
[2021/07/17 13:38:05.791502, 3] ../../lib/util/access.c:371(allow_access)
Allowed connection from 127.0.0.1 (127.0.0.1)
[2021/07/17 13:38:05.791563, 5] ../../lib/util/debug.c:811(debug_dump_status)
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5
idmap: 5
quota: 5
acls: 5
locking: 5
msdfs: 5
dmapi: 5
registry: 5
scavenger: 5
dns: 5
ldb: 5
tevent: 5
auth_audit: 5
auth_json_audit: 5
kerberos: 5
drs_repl: 5
smb2: 5
smb2_credits: 5
dsdb_audit: 5
dsdb_json_audit: 5
dsdb_password_audit: 5
dsdb_password_json_audit: 5
dsdb_transaction_audit: 5
dsdb_transaction_json_audit: 5
dsdb_group_audit: 5
dsdb_group_json_audit: 5
==> /var/log/samba/log.127.0.0.1 <=[2021/07/17 13:38:08.966773, 4]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2021/07/17 13:38:08.966824, 5]
../../libcli/security/security_token.c:52(security_token_debug)
Security token: (NULL)
[2021/07/17 13:38:08.966839, 5]
../../source3/auth/token_util.c:874(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2021/07/17 13:38:08.966873, 5]
../../source3/smbd/uid.c:494(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2021/07/17 13:38:08.966910, 5]
../../lib/dbwrap/dbwrap.c:148(dbwrap_lock_order_lock)
dbwrap_lock_order_lock: check lock order 1 for
/var/lib/samba/lock/smbXsrv_session_global.tdb
[2021/07/17 13:38:08.967145, 5]
../../lib/dbwrap/dbwrap.c:180(dbwrap_lock_order_unlock)
dbwrap_lock_order_unlock: release lock order 1 for
/var/lib/samba/lock/smbXsrv_session_global.tdb
[2021/07/17 13:38:08.967170, 5]
../../source3/auth/auth.c:540(make_auth3_context_for_ntlm)
Making default auth method list for server role = 'domain member'
[2021/07/17 13:38:08.967183, 5] ../../source3/auth/auth.c:425(load_auth_module)
load_auth_module: Attempting to find an auth method to match anonymous
[2021/07/17 13:38:08.967216, 5] ../../source3/auth/auth.c:450(load_auth_module)
load_auth_module: auth method anonymous has a valid init
[2021/07/17 13:38:08.967239, 5] ../../source3/auth/auth.c:425(load_auth_module)
load_auth_module: Attempting to find an auth method to match sam
[2021/07/17 13:38:08.967251, 5] ../../source3/auth/auth.c:450(load_auth_module)
load_auth_module: auth method sam has a valid init
[2021/07/17 13:38:08.967261, 5] ../../source3/auth/auth.c:425(load_auth_module)
load_auth_module: Attempting to find an auth method to match winbind
[2021/07/17 13:38:08.967271, 5] ../../source3/auth/auth.c:450(load_auth_module)
load_auth_module: auth method winbind has a valid init
[2021/07/17 13:38:08.967281, 5] ../../source3/auth/auth.c:425(load_auth_module)
load_auth_module: Attempting to find an auth method to match sam_ignoredomain
[2021/07/17 13:38:08.967292, 5] ../../source3/auth/auth.c:450(load_auth_module)
load_auth_module: auth method sam_ignoredomain has a valid init
[2021/07/17 13:38:08.967388, 5]
../../auth/gensec/gensec_start.c:849(gensec_start_mech)
Starting GENSEC mechanism spnego
[2021/07/17 13:38:08.967406, 5]
../../lib/dbwrap/dbwrap.c:148(dbwrap_lock_order_lock)
dbwrap_lock_order_lock: check lock order 1 for
/var/lib/samba/lock/smbXsrv_session_global.tdb
[2021/07/17 13:38:08.967430, 5]
../../lib/dbwrap/dbwrap.c:180(dbwrap_lock_order_unlock)
dbwrap_lock_order_unlock: release lock order 1 for
/var/lib/samba/lock/smbXsrv_session_global.tdb
[2021/07/17 13:38:08.967442, 4] ../../source3/smbd/sec_ctx.c:216(push_sec_ctx)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2021/07/17 13:38:08.967451, 4] ../../source3/smbd/uid.c:562(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2021/07/17 13:38:08.967462, 4]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2021/07/17 13:38:08.967472, 5]
../../libcli/security/security_token.c:52(security_token_debug)
Security token: (NULL)
[2021/07/17 13:38:08.967479, 5]
../../source3/auth/token_util.c:874(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2021/07/17 13:38:08.967550, 5]
../../auth/gensec/gensec_start.c:849(gensec_start_mech)
Starting GENSEC submechanism ntlmssp
[2021/07/17 13:38:08.967586, 3]
../../auth/ntlmssp/ntlmssp_util.c:72(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0x62088215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
==> /var/log/samba/log.wb-PFW <=[2021/07/17 13:38:08.969578, 4]
../../source3/winbindd/winbindd_dual.c:1626(child_handler)
child daemon request 14
[2021/07/17 13:38:08.969608, 3]
../../source3/winbindd/winbindd_pam.c:2683(winbindd_dual_pam_auth_crap)
[10364]: pam auth crap domain: PFW user: srvadmsar
[2021/07/17 13:38:08.969741, 5]
../../source3/rpc_client/cli_pipe.c:827(rpc_api_pipe_send)
rpc_api_pipe: host sv1-dc01p.pfw.local
[2021/07/17 13:38:08.969754, 5]
../../source3/rpc_client/cli_pipe.c:179(rpc_write_send)
rpc_write_send: data_to_write: 696
[2021/07/17 13:38:08.970968, 5]
../../source3/rpc_client/cli_pipe.c:99(rpc_read_send)
rpc_read_send: data_to_read: 632
[2021/07/17 13:38:08.971188, 5]
../../source3/winbindd/winbindd_pam.c:2640(winbind_dual_SamLogon)
NTLM CRAP authentication for user [PFW]\[srvadmsar] returned NT_STATUS_OK
[2021/07/17 13:38:08.971291, 3]
../../auth/auth_log.c:653(log_authentication_event_human_readable)
Auth: [winbind,NTLM_AUTH, smbd, 10364] user [PFW]\[srvadmsar] at
[Sat, 17 Jul 2021 13:38:08.971273 CEST] with [NTLMv2] status
[NT_STATUS_OK] workstation [SMBTEST-ANDI] remote host [unix:] became
[PFW]\[srvadmsar] [S-1-5-21-4080695503-475066264-1108356078-1126].
local host [unix:]
{"timestamp": "2021-07-17T13:38:08.971345+0200",
"type":
"Authentication", "Authentication": {"version":
{"major": 1, "minor":
2}, "eventId": 4624, "logonId":
"7944426e07973722", "logonType": 3,
"status": "NT_STATUS_OK", "localAddress":
"unix:", "remoteAddress":
"unix:", "serviceDescription": "winbind",
"authDescription":
"NTLM_AUTH, smbd, 10364", "clientDomain": "PFW",
"clientAccount":
"srvadmsar", "workstation": "SMBTEST-ANDI",
"becameAccount":
"srvadmsar", "becameDomain": "PFW",
"becameSid":
"S-1-5-21-4080695503-475066264-1108356078-1126",
"mappedAccount":
null, "mappedDomain": null, "netlogonComputer": null,
"netlogonTrustAccount": null, "netlogonNegotiateFlags":
"0x00000000",
"netlogonSecureChannelType": 0, "netlogonTrustAccountSid":
null,
"passwordType": "NTLMv2", "duration": 1758}}
[2021/07/17 13:38:08.971423, 4]
../../source3/winbindd/winbindd_dual.c:1634(child_handler)
Finished processing child request 14
==> /var/log/samba/log.winbindd <=[2021/07/17 13:38:08.969181, 3]
../../source3/winbindd/winbindd_misc.c:432(winbindd_interface_version)
winbindd_interface_version: [smbd (10448)]: request interface
version (version = 31)
[2021/07/17 13:38:08.969319, 3]
../../source3/winbindd/winbindd_misc.c:470(winbindd_priv_pipe_dir)
winbindd_priv_pipe_dir: [smbd (10448)]: request location of privileged pipe
[2021/07/17 13:38:08.969346, 3]
../../source3/winbindd/winbindd_misc.c:483(winbindd_priv_pipe_dir)
winbindd_priv_pipe_dir: [smbd (10448)]: response location of
privileged pipe: (null)
[2021/07/17 13:38:08.969496, 3]
../../source3/winbindd/winbindd_pam_auth_crap.c:113(winbindd_pam_auth_crap_send)
[10448]: pam auth crap domain: [PFW] user: srvadmsar
[2021/07/17 13:38:08.973296, 3]
../../source3/winbindd/winbindd_misc.c:407(winbindd_ping)
winbindd_ping: [smbd (10448)]: ping