Hi,
After three days of googling, searching in this list, reading parts of the
pdf, and testing, I surrender: please help !
Summary:
I'm running 3.0.10a (binary from www.sunfreeware.com) on Solaris
2.6 in standalone mode (security=user). I use ACLs on files. I cannot,
from windows (w2k, wxp pro), add a user to the permissions of a file.
Details:
- The binary was compiled --with-acl-support as "smbd -b|grep ACL"
and the sunfreeware site confirm.
- Solaris UFS supports ACLs.
- I don't use winbindd
- This is my smb.conf:
[global]
workgroup = UNIX
server string = Samba Server 3.0
interfaces = x.x.x.x
map to guest = Bad User
username map = /usr/local/samba/private/users.map
log level = 4
log file = /usr/local/samba/var/log.%m
max log size = 500
deadtime = 30
keepalive = 0
dns proxy = No
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
- The users.map did not exist at the beginning, but, as the PDF
examples have one, I created it with:
root = Administrator
- My users do exist on Solaris and are the same as the Windows users.
- The users were added on Samba with smbpasswd -a.
- My groups are mapped:
# net groupmap list | sort
Account Operators (S-1-5-32-548) -> -1
Administrators (S-1-5-32-544) -> -1
Backup Operators (S-1-5-32-551) -> -1
Domain Admins (S-1-5-21-3464024308-2102256894-3995807409-512) -> root
Domain Guests (S-1-5-21-3464024308-2102256894-3995807409-514) -> nobody
Domain Users (S-1-5-21-3464024308-2102256894-3995807409-513) -> staff
Engineer (S-1-5-21-3464024308-2102256894-3995807409-1305) -> engineer
Guests (S-1-5-32-546) -> -1
Inter (S-1-5-21-3464024308-2102256894-3995807409-1323) -> inter
Power Users (S-1-5-32-547) -> -1
Print Operators (S-1-5-32-550) -> -1
Replicators (S-1-5-32-552) -> -1
System Operators (S-1-5-32-549) -> -1
Users (S-1-5-32-545) -> -1
- A share is defined:
[home1]
path = /export/home1
read only = No
guest ok = Yes
- A file is created on the share:
# touch /export/home1/test
# chown vincent:engineer /export/home1/test
# ls -l /export/home1/test
-rw-rw-r-- 1 vincent engineer 0 Jun 28 15:50 /export/home1/test
- From Windows 2K, when I right-click properties, Security, I can see
the current permissions:
Engineer (SERVER_NAME\Engineer)
Everyone
Vincent Xxxxx (SERVER_NAME\Vincent)
- Clicking on Advanced shows the permissions (respectively Special,
Read, Special). Click Cancel to come back to the Security tab.
- But when I click on Add, I receive a window saying "You are logged
with an account that does not have access to: SERVER_NAME. Enter
the name and password of an account with permissions for this
domain and click ok."
- The equivalent test on WinNT4 (Properties, Security, Permissions,
Add, Show users works, Click on a user, Add, Read, Ok) works very
well: an acl is created on the file.
What's going on ??? I raised the debug level to 3, 4, even 10 but I
can't
catch anything useful (to me).
TIA for any help,
Pierre
I hope this is not too long but a level 4 log gives (at the moment I click
on the Add button):
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2072 of length 88
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtconX (pid 2572) conn 0x0
[2005/06/28 16:16:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/06/28 16:16:02, 4] smbd/reply.c:reply_tcon_and_X(408)
Client requested device type [?????] for share [IPC$]
[2005/06/28 16:16:02, 3] smbd/service.c:make_connection_snum(472)
Connect path is '/tmp' for service [IPC$]
[2005/06/28 16:16:02, 4] rpc_server/srv_srvsvc_nt.c:get_share_security(217)
get_share_security: using default secdesc for IPC$
[2005/06/28 16:16:02, 3] lib/util_seaccess.c:se_access_check(251)
[2005/06/28 16:16:02, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-3464024308-2102256894-3995807409-1310
se_access_check: also S-1-5-21-3464024308-2102256894-3995807409-1305
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-11
[2005/06/28 16:16:02, 3] smbd/vfs.c:vfs_init_default(203)
Initialising default vfs hooks
[2005/06/28 16:16:02, 4] rpc_server/srv_srvsvc_nt.c:get_share_security(217)
get_share_security: using default secdesc for IPC$
[2005/06/28 16:16:02, 3] lib/util_seaccess.c:se_access_check(251)
[2005/06/28 16:16:02, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-3464024308-2102256894-3995807409-1310
se_access_check: also S-1-5-21-3464024308-2102256894-3995807409-1305
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-11
[2005/06/28 16:16:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (155, 152) - sec_ctx_stack_ndx = 0
[2005/06/28 16:16:02, 3] smbd/service.c:make_connection_snum(648)
temp (xxx.xxx.xxx.xxx) connect to service IPC$ initially as user vincent
(uid=155,
gid=152) (pid 2572)
[2005/06/28 16:16:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/06/28 16:16:02, 3] smbd/reply.c:reply_tcon_and_X(456)
tconX service=IPC$
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2073 of length 104
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBntcreateX (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (155, 152) - sec_ctx_stack_ndx = 0
[2005/06/28 16:16:02, 4] smbd/vfs.c:vfs_ChDir(654)
vfs_ChDir to /tmp
[2005/06/28 16:16:02, 4] smbd/nttrans.c:nt_open_pipe(497)
nt_open_pipe: Opening pipe \lsarpc.
[2005/06/28 16:16:02, 3] smbd/nttrans.c:nt_open_pipe(514)
nt_open_pipe: Known pipe lsarpc opening.
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(178)
Open pipe requested lsarpc (pipes_open=0)
[2005/06/28 16:16:02, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(278)
Create pipe requested lsarpc
[2005/06/28 16:16:02, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(370)
Created internal pipe lsarpc (pipes_open=0)
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(257)
Opened pipe lsarpc with handle 7151 (pipes_open=1)
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2074 of length 160
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=72 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7151
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 7151)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(887)
api_pipe_bind_req: \PIPE\lsarpc -> \PIPE\lsass
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe.c:check_bind_req(762)
check_bind_req for \PIPE\lsarpc
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2075 of length 114
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=26 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7151
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 7151)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: lsarpc op 0x0 - unknown
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2076 of length 45
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBclose (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7151
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(1081)
closed pipe name lsarpc pnum=7151 (pipes_open=0)
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2077 of length 104
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBntcreateX (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 4] smbd/nttrans.c:nt_open_pipe(497)
nt_open_pipe: Opening pipe \winreg.
[2005/06/28 16:16:02, 3] smbd/nttrans.c:nt_open_pipe(514)
nt_open_pipe: Known pipe winreg opening.
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(178)
Open pipe requested winreg (pipes_open=0)
[2005/06/28 16:16:02, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(278)
Create pipe requested winreg
[2005/06/28 16:16:02, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(370)
Created internal pipe winreg (pipes_open=0)
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(257)
Opened pipe winreg with handle 7152 (pipes_open=1)
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2078 of length 160
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=72 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7152
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 7152)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(887)
api_pipe_bind_req: \PIPE\winreg -> \PIPE\winreg
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe.c:check_bind_req(762)
check_bind_req for \PIPE\winreg
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2079 of length 124
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=36 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7152
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 7152)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0x2 - api_rpcTNP: rpc command: REG_OPEN_HKLM
[2005/06/28 16:16:02, 4] rpc_server/srv_lsa_hnd.c:create_policy_hnd(142)
Opened policy hnd[1] [000] 00 00 00 00 61 00 00 00 00 00 00 00 A2 5B C1 42
....a... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2080 of length 256
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=168 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7152
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 7152)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0xf - api_rpcTNP: rpc command: REG_OPEN_ENTRY
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 61 00 00 00 00 00 00 00 A2 5B C1 42
....a... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 4] rpc_server/srv_lsa_hnd.c:create_policy_hnd(142)
Opened policy hnd[2] [000] 00 00 00 00 62 00 00 00 00 00 00 00 A2 5B C1 42
....b... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 96
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2081 of length 204
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=116 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7152
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 7152)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0x11 - api_rpcTNP: rpc command: REG_INFO
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 62 00 00 00 00 00 00 00 A2 5B C1 42
....b... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 536
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2082 of length 216
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=128 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7152
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 7152)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0x11 - api_rpcTNP: rpc command: REG_INFO
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 62 00 00 00 00 00 00 00 A2 5B C1 42
....b... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 536
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2083 of length 132
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=44 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7152
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 7152)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0x5 - api_rpcTNP: rpc command: REG_CLOSE
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 62 00 00 00 00 00 00 00 A2 5B C1 42
....b... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 62 00 00 00 00 00 00 00 A2 5B C1 42
....b... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200)
Closed policy
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2084 of length 132
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=44 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7152
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 7152)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0x5 - api_rpcTNP: rpc command: REG_CLOSE
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 61 00 00 00 00 00 00 00 A2 5B C1 42
....a... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 61 00 00 00 00 00 00 00 A2 5B C1 42
....a... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200)
Closed policy
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2085 of length 45
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBclose (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7152
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(1081)
closed pipe name winreg pnum=7152 (pipes_open=0)
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2086 of length 104
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBntcreateX (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 4] smbd/nttrans.c:nt_open_pipe(497)
nt_open_pipe: Opening pipe \lsarpc.
[2005/06/28 16:16:02, 3] smbd/nttrans.c:nt_open_pipe(514)
nt_open_pipe: Known pipe lsarpc opening.
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(178)
Open pipe requested lsarpc (pipes_open=0)
[2005/06/28 16:16:02, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(278)
Create pipe requested lsarpc
[2005/06/28 16:16:02, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(370)
Created internal pipe lsarpc (pipes_open=0)
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(257)
Opened pipe lsarpc with handle 7153 (pipes_open=1)
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2087 of length 160
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=72 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7153
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 7153)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(887)
api_pipe_bind_req: \PIPE\lsarpc -> \PIPE\lsass
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe.c:check_bind_req(762)
check_bind_req for \PIPE\lsarpc
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2088 of length 176
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=88 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7153
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 7153)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: lsarpc op 0x2c - api_rpcTNP: rpc command: LSA_OPENPOLICY2
[2005/06/28 16:16:02, 3] lib/util_seaccess.c:se_access_check(251)
[2005/06/28 16:16:02, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-3464024308-2102256894-3995807409-1310
se_access_check: also S-1-5-21-3464024308-2102256894-3995807409-1305
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-11
[2005/06/28 16:16:02, 4] rpc_server/srv_lsa_hnd.c:create_policy_hnd(142)
Opened policy hnd[1] [000] 00 00 00 00 63 00 00 00 00 00 00 00 A2 5B C1 42
....c... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 820
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2089 of length 134
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=46 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7153
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 7153)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: lsarpc op 0x7 - api_rpcTNP: rpc command:
LSA_QUERYINFOPOLICY
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 63 00 00 00 00 00 00 00 A2 5B C1 42
....c... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 512
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2090 of length 132
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=44 params=0 setup=2
[2005/06/28 16:16:02, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7153
[2005/06/28 16:16:02, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 7153)
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: lsarpc op 0x0 - api_rpcTNP: rpc command: LSA_CLOSE
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 63 00 00 00 00 00 00 00 A2 5B C1 42
....c... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 63 00 00 00 00 00 00 00 A2 5B C1 42
....c... .....[.B
[010] 0C 0A 00 00 ....
[2005/06/28 16:16:02, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200)
Closed policy
[2005/06/28 16:16:02, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/06/28 16:16:02, 3] smbd/process.c:process_smb(1091)
Transaction 2091 of length 45
[2005/06/28 16:16:02, 3] smbd/process.c:switch_message(886)
switch message SMBclose (pid 2572) conn 0x2ecf70
[2005/06/28 16:16:02, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7153
[2005/06/28 16:16:02, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(1081)
closed pipe name lsarpc pnum=7153 (pipes_open=0)