Lin Li
2007-Apr-10 17:18 UTC
[Samba] SMB Signature verification failed when establish trust with win2003 domain
I have a samba PDC (using samba 3.0.24). When I try to establish trust with a win2003 domain, I got signing error, see the log below. Trust with NT domain and win2000 domain works. Any help are appreciated. Thanks, Lin [2007/04/04 17:00:13, 5] lib/debug.c:debug_dump_status(391) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 [2007/04/04 17:00:13, 3] param/loadparm.c:lp_load(4953) lp_load: refreshing parameters [2007/04/04 17:00:13, 3] param/loadparm.c:init_globals(1418) Initialising global parameters [2007/04/04 17:00:13, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2007/04/04 17:00:13, 3] param/loadparm.c:do_section(3695) Processing section "[global]" doing parameter admin users = XANSMB+administrator @XANSMB+admins doing parameter add machine script = /opt/xandros/bin/dvaddcomputer %u doing parameter client use spnego = no doing parameter display charset = UTF8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UCS-2LE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UCS-2LE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF-16LE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF-16LE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UCS-2BE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UCS-2BE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF-16BE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF-16BE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF-8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF-8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset ASCII [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset ASCII [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset 646 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset 646 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset ISO-8859-1 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset ISO-8859-1 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UCS2-HEX [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UCS2-HEX doing parameter dns proxy = no doing parameter domain logons = yes doing parameter domain master = yes doing parameter dos filetimes = yes doing parameter encrypt passwords = yes doing parameter idmap gid = 10000-20000 doing parameter idmap uid = 10000-20000 doing parameter invalid users = root doing parameter ldap admin dn = "cn=admin,dc=xpassdb,dc=xsmb" doing parameter ldap delete dn = yes doing parameter ldap group suffix = ou=Groups doing parameter ldap machine suffix = ou=Computers doing parameter ldap suffix = dc=xpassdb,dc=xsmb doing parameter ldap user suffix = ou=People doing parameter load printers = no doing parameter local master = yes doing parameter log file = /var/log/samba/log.%m doing parameter logon drive = Z: doing parameter logon home = \\%N\%U doing parameter logon path = \\%N\profiles\%U doing parameter map to guest = Bad User doing parameter max log size = 1000 doing parameter name resolve order = lmhosts host wins bcast doing parameter obey pam restrictions = yes doing parameter os level = 65 doing parameter panic action = /usr/share/samba/panic-action %d doing parameter passdb backend = ldapsam:ldap://127.0.0.1:4389 doing parameter passwd chat = *Enter\snew\spassword:* %n\n . doing parameter passwd program = /opt/xandros/bin/gumpasswdsync %u doing parameter password server = * doing parameter preferred master = yes doing parameter printcap name = cups doing parameter printing = cups doing parameter security = USER doing parameter server string = %h (Xandros Server) doing parameter socket options = TCP_NODELAY doing parameter syslog = 0 doing parameter template shell = /bin/bash doing parameter unix charset = UTF8 doing parameter unix password sync = yes doing parameter winbind enum groups = no doing parameter winbind enum users = no doing parameter winbind separator = + doing parameter wins server = 172.18.0.2 doing parameter workgroup = XANSMB [2007/04/04 17:00:13, 4] param/loadparm.c:lp_load(4984) pm_process() returned Yes [2007/04/04 17:00:13, 7] param/loadparm.c:lp_servicenumber(5120) lp_servicenumber: couldn't find homes [2007/04/04 17:00:13, 10] param/loadparm.c:set_server_role(4229) set_server_role: role = ROLE_DOMAIN_PDC [2007/04/04 17:00:13, 5] lib/util.c:init_names(286) Netbios name list:- my_netbios_names[0]="XSERVER" [2007/04/04 17:00:13, 2] lib/interface.c:add_interface(81) added interface ip=172.18.0.6 bcast=172.18.255.255 nmask=255.255.0.0 [2007/04/04 17:00:13, 10] libsmb/namequery.c:internal_resolve_name(1132) internal_resolve_name: looking up XANQANET1#1b [2007/04/04 17:00:13, 5] lib/gencache.c:gencache_init(61) Opening cache file at /var/run/samba/gencache.tdb [2007/04/04 17:00:13, 10] lib/gencache.c:gencache_get(304) Returning valid cache entry: key = NBT/XANQANET1#1B, value = 172.18.0.3:0, timeout = Wed Apr 4 17:05:50 2007 [2007/04/04 17:00:13, 5] libsmb/namecache.c:namecache_fetch(216) name XANQANET1#1B found. [2007/04/04 17:00:13, 10] libsmb/namequery.c:name_status_find(276) name_status_find: looking up XANQANET1#1b at 172.18.0.3 [2007/04/04 17:00:13, 10] lib/gencache.c:gencache_get(304) Returning valid cache entry: key = NBT/XANQANET1#1B.20.172.18.0.3, value = MASTER1, timeout = Wed Apr 4 17:05:50 2007 [2007/04/04 17:00:13, 5] libsmb/namecache.c:namecache_status_fetch(324) namecache_status_fetch: key NBT/XANQANET1#1B.20.172.18.0.3 -> MASTER1 [2007/04/04 17:00:16, 3] libsmb/cliconnect.c:cli_start_connection(1426) Connecting to host=MASTER1 [2007/04/04 17:00:16, 3] lib/util_sock.c:open_socket_out(874) Connecting to 172.18.0.3 at port 445 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_KEEPALIVE = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_REUSEADDR = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_BROADCAST = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option TCP_NODELAY = 1 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option TCP_KEEPCNT = 9 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option TCP_KEEPIDLE = 7200 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option TCP_KEEPINTVL = 75 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option IPTOS_LOWDELAY = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option IPTOS_THROUGHPUT = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_SNDBUF = 16384 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_RCVBUF = 87380 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_SNDLOWAT = 1 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_RCVLOWAT = 1 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_SNDTIMEO = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_RCVTIMEO = 0 [2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(132) write_socket(4,183) [2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(135) write_socket(4,183) wrote 183 [2007/04/04 17:00:16, 10] lib/util_sock.c:read_smb_length_return_keepalive(623) got smb length of 113 [2007/04/04 17:00:16, 5] lib/util.c:show_msg(485) [2007/04/04 17:00:16, 5] lib/util.c:show_msg(495) size=113 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=0 smb_pid=22054 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 8 (0x8) smb_vwv[ 1]=12815 (0x320F) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 17 (0x11) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 499 (0x1F3) smb_vwv[11]=64512 (0xFC00) smb_vwv[12]=21932 (0x55AC) smb_vwv[13]=64563 (0xFC33) smb_vwv[14]=51062 (0xC776) smb_vwv[15]=61441 (0xF001) smb_vwv[16]= 2048 (0x800) smb_bcc=44 [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] 08 EE 0C 53 93 AD 3B 1D 58 00 41 00 4E 00 51 00 ...S..;. X.A.N.Q. [010] 41 00 4E 00 45 00 54 00 31 00 00 00 4D 00 41 00 A.N.E.T. 1...M.A. [020] 53 00 54 00 45 00 52 00 31 00 00 00 S.T.E.R. 1... [2007/04/04 17:00:16, 5] lib/util.c:show_msg(485) [2007/04/04 17:00:16, 5] lib/util.c:show_msg(495) size=113 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=0 smb_pid=22054 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 8 (0x8) smb_vwv[ 1]=12815 (0x320F) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 17 (0x11) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 499 (0x1F3) smb_vwv[11]=64512 (0xFC00) smb_vwv[12]=21932 (0x55AC) smb_vwv[13]=64563 (0xFC33) smb_vwv[14]=51062 (0xC776) smb_vwv[15]=61441 (0xF001) smb_vwv[16]= 2048 (0x800) smb_bcc=44 [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] 08 EE 0C 53 93 AD 3B 1D 58 00 41 00 4E 00 51 00 ...S..;. X.A.N.Q. [010] 41 00 4E 00 45 00 54 00 31 00 00 00 4D 00 41 00 A.N.E.T. 1...M.A. [020] 53 00 54 00 45 00 52 00 31 00 00 00 S.T.E.R. 1... [2007/04/04 17:00:16, 5] libsmb/smb_signing.c:set_smb_signing_real_common(141) Mandatory SMB signing enabled! [2007/04/04 17:00:16, 5] libsmb/smb_signing.c:set_smb_signing_real_common(145) SMB signing enabled! [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:cli_simple_set_signing(487) cli_simple_set_signing: user_session_key [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] 93 81 E6 97 AB C0 DB 8D 46 1F 6E BA 64 EA 86 C4 ........ F.n.d... [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:cli_simple_set_signing(492) cli_simple_set_signing: response_data [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] 83 DF D1 94 32 64 EF 3D 6D A3 34 B3 F5 25 EB A9 ....2d.= m.4..%.. [010] 94 16 E3 35 CD AD 98 01 ...5.... [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 0 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:client_sign_outgoing_message(348) client_sign_outgoing_message: sent SMB signature of [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] E9 6F CB EA A4 15 B6 91 .o...... [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:store_sequence_for_reply(68) store_sequence_for_reply: stored seq = 1 mid = 2 [2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(132) write_socket(4,172) [2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(135) write_socket(4,172) wrote 172 [2007/04/04 17:00:16, 10] lib/util_sock.c:read_smb_length_return_keepalive(623) got smb length of 35 [2007/04/04 17:00:16, 5] lib/util.c:show_msg(485) [2007/04/04 17:00:16, 5] lib/util.c:show_msg(495) size=35 smb_com=0x73 smb_rcls=152 smb_reh=1 smb_err=49152 smb_flg=136 smb_flg2=49157 smb_tid=0 smb_pid=22054 smb_uid=0 smb_mid=2 smt_wct=0 smb_bcc=0 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:get_sequence_for_reply(81) get_sequence_for_reply: found seq = 1 mid = 2 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 1 [2007/04/04 17:00:16, 5] libsmb/smb_signing.c:client_check_incoming_message(408) client_check_incoming_message: BAD SIG: wanted SMB signature of [2007/04/04 17:00:16, 5] lib/util.c:dump_data(2222) [000] B5 BD 56 F1 94 91 FD DC [2007/04/04 17:00:16, 5] libsmb/smb_signing.c:client_check_incoming_message(411) client_check_incoming_message: BAD SIG: got SMB signature of [2007/04/04 17:00:16, 5] lib/util.c:dump_data(2222) [000] E9 6F CB EA A4 15 B6 91 .o...... [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4294967292 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4294967293 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4294967294 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4294967295 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 0 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 1 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 2 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 3 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4 [2007/04/04 17:00:1I have a samba PDC (using samba 3.0.24). When I try to establish trust with a win2003 domain, I got signing error, see the log below. Trust with NT domain and win2000 domain works. Any help are appreciated. Thanks, Lin [2007/04/04 17:00:13, 5] lib/debug.c:debug_dump_status(391) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 [2007/04/04 17:00:13, 3] param/loadparm.c:lp_load(4953) lp_load: refreshing parameters [2007/04/04 17:00:13, 3] param/loadparm.c:init_globals(1418) Initialising global parameters [2007/04/04 17:00:13, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2007/04/04 17:00:13, 3] param/loadparm.c:do_section(3695) Processing section "[global]" doing parameter admin users = XANSMB+administrator @XANSMB+admins doing parameter add machine script = /opt/xandros/bin/dvaddcomputer %u doing parameter client use spnego = no doing parameter display charset = UTF8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UCS-2LE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UCS-2LE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF-16LE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF-16LE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UCS-2BE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UCS-2BE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF-16BE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF-16BE [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF-8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF-8 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset ASCII [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset ASCII [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset 646 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset 646 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset ISO-8859-1 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset ISO-8859-1 [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UCS2-HEX [2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113) Registered charset UCS2-HEX doing parameter dns proxy = no doing parameter domain logons = yes doing parameter domain master = yes doing parameter dos filetimes = yes doing parameter encrypt passwords = yes doing parameter idmap gid = 10000-20000 doing parameter idmap uid = 10000-20000 doing parameter invalid users = root doing parameter ldap admin dn = "cn=admin,dc=xpassdb,dc=xsmb" doing parameter ldap delete dn = yes doing parameter ldap group suffix = ou=Groups doing parameter ldap machine suffix = ou=Computers doing parameter ldap suffix = dc=xpassdb,dc=xsmb doing parameter ldap user suffix = ou=People doing parameter load printers = no doing parameter local master = yes doing parameter log file = /var/log/samba/log.%m doing parameter logon drive = Z: doing parameter logon home = \\%N\%U doing parameter logon path = \\%N\profiles\%U doing parameter map to guest = Bad User doing parameter max log size = 1000 doing parameter name resolve order = lmhosts host wins bcast doing parameter obey pam restrictions = yes doing parameter os level = 65 doing parameter panic action = /usr/share/samba/panic-action %d doing parameter passdb backend = ldapsam:ldap://127.0.0.1:4389 doing parameter passwd chat = *Enter\snew\spassword:* %n\n . doing parameter passwd program = /opt/xandros/bin/gumpasswdsync %u doing parameter password server = * doing parameter preferred master = yes doing parameter printcap name = cups doing parameter printing = cups doing parameter security = USER doing parameter server string = %h (Xandros Server) doing parameter socket options = TCP_NODELAY doing parameter syslog = 0 doing parameter template shell = /bin/bash doing parameter unix charset = UTF8 doing parameter unix password sync = yes doing parameter winbind enum groups = no doing parameter winbind enum users = no doing parameter winbind separator = + doing parameter wins server = 172.18.0.2 doing parameter workgroup = XANSMB [2007/04/04 17:00:13, 4] param/loadparm.c:lp_load(4984) pm_process() returned Yes [2007/04/04 17:00:13, 7] param/loadparm.c:lp_servicenumber(5120) lp_servicenumber: couldn't find homes [2007/04/04 17:00:13, 10] param/loadparm.c:set_server_role(4229) set_server_role: role = ROLE_DOMAIN_PDC [2007/04/04 17:00:13, 5] lib/util.c:init_names(286) Netbios name list:- my_netbios_names[0]="XSERVER" [2007/04/04 17:00:13, 2] lib/interface.c:add_interface(81) added interface ip=172.18.0.6 bcast=172.18.255.255 nmask=255.255.0.0 [2007/04/04 17:00:13, 10] libsmb/namequery.c:internal_resolve_name(1132) internal_resolve_name: looking up XANQANET1#1b [2007/04/04 17:00:13, 5] lib/gencache.c:gencache_init(61) Opening cache file at /var/run/samba/gencache.tdb [2007/04/04 17:00:13, 10] lib/gencache.c:gencache_get(304) Returning valid cache entry: key = NBT/XANQANET1#1B, value = 172.18.0.3:0, timeout = Wed Apr 4 17:05:50 2007 [2007/04/04 17:00:13, 5] libsmb/namecache.c:namecache_fetch(216) name XANQANET1#1B found. [2007/04/04 17:00:13, 10] libsmb/namequery.c:name_status_find(276) name_status_find: looking up XANQANET1#1b at 172.18.0.3 [2007/04/04 17:00:13, 10] lib/gencache.c:gencache_get(304) Returning valid cache entry: key = NBT/XANQANET1#1B.20.172.18.0.3, value = MASTER1, timeout = Wed Apr 4 17:05:50 2007 [2007/04/04 17:00:13, 5] libsmb/namecache.c:namecache_status_fetch(324) namecache_status_fetch: key NBT/XANQANET1#1B.20.172.18.0.3 -> MASTER1 [2007/04/04 17:00:16, 3] libsmb/cliconnect.c:cli_start_connection(1426) Connecting to host=MASTER1 [2007/04/04 17:00:16, 3] lib/util_sock.c:open_socket_out(874) Connecting to 172.18.0.3 at port 445 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_KEEPALIVE = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_REUSEADDR = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_BROADCAST = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option TCP_NODELAY = 1 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option TCP_KEEPCNT = 9 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option TCP_KEEPIDLE = 7200 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option TCP_KEEPINTVL = 75 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option IPTOS_LOWDELAY = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option IPTOS_THROUGHPUT = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_SNDBUF = 16384 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_RCVBUF = 87380 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_SNDLOWAT = 1 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_RCVLOWAT = 1 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_SNDTIMEO = 0 [2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206) socket option SO_RCVTIMEO = 0 [2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(132) write_socket(4,183) [2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(135) write_socket(4,183) wrote 183 [2007/04/04 17:00:16, 10] lib/util_sock.c:read_smb_length_return_keepalive(623) got smb length of 113 [2007/04/04 17:00:16, 5] lib/util.c:show_msg(485) [2007/04/04 17:00:16, 5] lib/util.c:show_msg(495) size=113 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=0 smb_pid=22054 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 8 (0x8) smb_vwv[ 1]=12815 (0x320F) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 17 (0x11) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 499 (0x1F3) smb_vwv[11]=64512 (0xFC00) smb_vwv[12]=21932 (0x55AC) smb_vwv[13]=64563 (0xFC33) smb_vwv[14]=51062 (0xC776) smb_vwv[15]=61441 (0xF001) smb_vwv[16]= 2048 (0x800) smb_bcc=44 [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] 08 EE 0C 53 93 AD 3B 1D 58 00 41 00 4E 00 51 00 ...S..;. X.A.N.Q. [010] 41 00 4E 00 45 00 54 00 31 00 00 00 4D 00 41 00 A.N.E.T. 1...M.A. [020] 53 00 54 00 45 00 52 00 31 00 00 00 S.T.E.R. 1... [2007/04/04 17:00:16, 5] lib/util.c:show_msg(485) [2007/04/04 17:00:16, 5] lib/util.c:show_msg(495) size=113 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=0 smb_pid=22054 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 8 (0x8) smb_vwv[ 1]=12815 (0x320F) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 17 (0x11) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 499 (0x1F3) smb_vwv[11]=64512 (0xFC00) smb_vwv[12]=21932 (0x55AC) smb_vwv[13]=64563 (0xFC33) smb_vwv[14]=51062 (0xC776) smb_vwv[15]=61441 (0xF001) smb_vwv[16]= 2048 (0x800) smb_bcc=44 [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] 08 EE 0C 53 93 AD 3B 1D 58 00 41 00 4E 00 51 00 ...S..;. X.A.N.Q. [010] 41 00 4E 00 45 00 54 00 31 00 00 00 4D 00 41 00 A.N.E.T. 1...M.A. [020] 53 00 54 00 45 00 52 00 31 00 00 00 S.T.E.R. 1... [2007/04/04 17:00:16, 5] libsmb/smb_signing.c:set_smb_signing_real_common(141) Mandatory SMB signing enabled! [2007/04/04 17:00:16, 5] libsmb/smb_signing.c:set_smb_signing_real_common(145) SMB signing enabled! [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:cli_simple_set_signing(487) cli_simple_set_signing: user_session_key [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] 93 81 E6 97 AB C0 DB 8D 46 1F 6E BA 64 EA 86 C4 ........ F.n.d... [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:cli_simple_set_signing(492) cli_simple_set_signing: response_data [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] 83 DF D1 94 32 64 EF 3D 6D A3 34 B3 F5 25 EB A9 ....2d.= m.4..%.. [010] 94 16 E3 35 CD AD 98 01 ...5.... [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 0 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:client_sign_outgoing_message(348) client_sign_outgoing_message: sent SMB signature of [2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222) [000] E9 6F CB EA A4 15 B6 91 .o...... [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:store_sequence_for_reply(68) store_sequence_for_reply: stored seq = 1 mid = 2 [2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(132) write_socket(4,172) [2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(135) write_socket(4,172) wrote 172 [2007/04/04 17:00:16, 10] lib/util_sock.c:read_smb_length_return_keepalive(623) got smb length of 35 [2007/04/04 17:00:16, 5] lib/util.c:show_msg(485) [2007/04/04 17:00:16, 5] lib/util.c:show_msg(495) size=35 smb_com=0x73 smb_rcls=152 smb_reh=1 smb_err=49152 smb_flg=136 smb_flg2=49157 smb_tid=0 smb_pid=22054 smb_uid=0 smb_mid=2 smt_wct=0 smb_bcc=0 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:get_sequence_for_reply(81) get_sequence_for_reply: found seq = 1 mid = 2 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 1 [2007/04/04 17:00:16, 5] libsmb/smb_signing.c:client_check_incoming_message(408) client_check_incoming_message: BAD SIG: wanted SMB signature of [2007/04/04 17:00:16, 5] lib/util.c:dump_data(2222) [000] B5 BD 56 F1 94 91 FD DC [2007/04/04 17:00:16, 5] libsmb/smb_signing.c:client_check_incoming_message(411) client_check_incoming_message: BAD SIG: got SMB signature of [2007/04/04 17:00:16, 5] lib/util.c:dump_data(2222) [000] E9 6F CB EA A4 15 B6 91 .o...... [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4294967292 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4294967293 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4294967294 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4294967295 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 0 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 1 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 2 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 3 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 4 [2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 5 [2007/04/04 17:00:16, 0] libsmb/smb_signing.c:signing_good(253) signing_good: BAD SIG: seq 1 [2007/04/04 17:00:16, 0] libsmb/clientgen.c:cli_receive_smb(119) SMB Signature verification failed on incoming packet! [2007/04/04 17:00:16, 3] libsmb/cliconnect.c:cli_session_setup(893) cli_session_setup: NT1 session setup failed! [2007/04/04 17:00:16, 1] libsmb/cliconnect.c:cli_full_connection(1523) failed session setup with NT_STATUS_INVALID_PARAMETER [2007/04/04 17:00:16, 10] intl/lang_tdb.c:lang_tdb_init(138) lang_tdb_init: /usr/share/samba/en_US.msg: No such file or directory Could not connect to server MASTER1 [2007/04/04 17:00:16, 0] utils/net_rpc.c:rpc_trustdom_establish(5640) Couldn't verify trusting domain account. Error was NT_STATUS_INVALID_PARAMETER [2007/04/04 17:00:16, 2] utils/net.c:main(988) return code = -1 6, 10] libsmb/smb_signing.c:simple_packet_signature(283) simple_packet_signature: sequence number 5 [2007/04/04 17:00:16, 0] libsmb/smb_signing.c:signing_good(253) signing_good: BAD SIG: seq 1 [2007/04/04 17:00:16, 0] libsmb/clientgen.c:cli_receive_smb(119) SMB Signature verification failed on incoming packet! [2007/04/04 17:00:16, 3] libsmb/cliconnect.c:cli_session_setup(893) cli_session_setup: NT1 session setup failed! [2007/04/04 17:00:16, 1] libsmb/cliconnect.c:cli_full_connection(1523) failed session setup with NT_STATUS_INVALID_PARAMETER [2007/04/04 17:00:16, 10] intl/lang_tdb.c:lang_tdb_init(138) lang_tdb_init: /usr/share/samba/en_US.msg: No such file or directory Could not connect to server MASTER1 [2007/04/04 17:00:16, 0] utils/net_rpc.c:rpc_trustdom_establish(5640) Couldn't verify trusting domain account. Error was NT_STATUS_INVALID_PARAMETER [2007/04/04 17:00:16, 2] utils/net.c:main(988) return code = -1
Lin Li
2007-Apr-11 13:37 UTC
[Samba] SMB Signature verification failed when establish trust with win2003 domain
I found the solution. When the problem happens I set the "client use spnego" to no. If I set it to yes, the trust works. Thanks, Lin Daniel Samson wrote:> Could you please send a copy of your configuration files to me so that > i can check if it is a configuration problem. > > daniel
Jeremy Allison
2007-Apr-11 21:56 UTC
[Samba] SMB Signature verification failed when establish trust with win2003 domain
On Tue, Apr 10, 2007 at 01:18:17PM -0400, Lin Li wrote:> I have a samba PDC (using samba 3.0.24). When I try to establish trust > with a win2003 domain, I got signing error, see the log below. Trust > with NT domain and win2000 domain works. Any help are appreciated.Can you get me an ethereal/wireshark capture trace of this please ? Looks like the server is simply reflecting back the signature sent be the client, but I'd like to be sure. Thanks, Jeremy.
Lin Li
2007-Apr-11 22:49 UTC
[Samba] SMB Signature verification failed when establish trust with win2003 domain
I have a samba PDC (using samba 3.0.24). When I try to establish trust
with a win2003 domain, I got signing error, see the log below. Trust
with NT domain and win2000 domain works. Any help are appreciated.
Thanks,
Lin
[2007/04/04 17:00:13, 5] lib/debug.c:debug_dump_status(391)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0
[2007/04/04 17:00:13, 3] param/loadparm.c:lp_load(4953)
lp_load: refreshing parameters
[2007/04/04 17:00:13, 3] param/loadparm.c:init_globals(1418)
Initialising global parameters
[2007/04/04 17:00:13, 3] param/params.c:pm_process(572)
params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"
[2007/04/04 17:00:13, 3] param/loadparm.c:do_section(3695)
Processing section "[global]"
doing parameter admin users = XANSMB+administrator @XANSMB+admins
doing parameter add machine script = /opt/xandros/bin/dvaddcomputer %u
doing parameter client use spnego = no
doing parameter display charset = UTF8
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS-2LE
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UCS-2LE
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF-16LE
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF-16LE
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS-2BE
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UCS-2BE
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF-16BE
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF-16BE
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF8
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF8
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UTF-8
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UTF-8
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset ASCII
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset ASCII
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset 646
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset 646
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset ISO-8859-1
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset ISO-8859-1
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS2-HEX
[2007/04/04 17:00:13, 5] lib/iconv.c:smb_register_charset(113)
Registered charset UCS2-HEX
doing parameter dns proxy = no
doing parameter domain logons = yes
doing parameter domain master = yes
doing parameter dos filetimes = yes
doing parameter encrypt passwords = yes
doing parameter idmap gid = 10000-20000
doing parameter idmap uid = 10000-20000
doing parameter invalid users = root
doing parameter ldap admin dn = "cn=admin,dc=xpassdb,dc=xsmb"
doing parameter ldap delete dn = yes
doing parameter ldap group suffix = ou=Groups
doing parameter ldap machine suffix = ou=Computers
doing parameter ldap suffix = dc=xpassdb,dc=xsmb
doing parameter ldap user suffix = ou=People
doing parameter load printers = no
doing parameter local master = yes
doing parameter log file = /var/log/samba/log.%m
doing parameter logon drive = Z:
doing parameter logon home = \\%N\%U
doing parameter logon path = \\%N\profiles\%U
doing parameter map to guest = Bad User
doing parameter max log size = 1000
doing parameter name resolve order = lmhosts host wins bcast
doing parameter obey pam restrictions = yes
doing parameter os level = 65
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter passdb backend = ldapsam:ldap://127.0.0.1:4389
doing parameter passwd chat = *Enter\snew\spassword:* %n\n .
doing parameter passwd program = /opt/xandros/bin/gumpasswdsync %u
doing parameter password server = *
doing parameter preferred master = yes
doing parameter printcap name = cups
doing parameter printing = cups
doing parameter security = USER
doing parameter server string = %h (Xandros Server)
doing parameter socket options = TCP_NODELAY
doing parameter syslog = 0
doing parameter template shell = /bin/bash
doing parameter unix charset = UTF8
doing parameter unix password sync = yes
doing parameter winbind enum groups = no
doing parameter winbind enum users = no
doing parameter winbind separator = +
doing parameter wins server = 172.18.0.2
doing parameter workgroup = XANSMB
[2007/04/04 17:00:13, 4] param/loadparm.c:lp_load(4984)
pm_process() returned Yes
[2007/04/04 17:00:13, 7] param/loadparm.c:lp_servicenumber(5120)
lp_servicenumber: couldn't find homes
[2007/04/04 17:00:13, 10] param/loadparm.c:set_server_role(4229)
set_server_role: role = ROLE_DOMAIN_PDC
[2007/04/04 17:00:13, 5] lib/util.c:init_names(286)
Netbios name list:-
my_netbios_names[0]="XSERVER"
[2007/04/04 17:00:13, 2] lib/interface.c:add_interface(81)
added interface ip=172.18.0.6 bcast=172.18.255.255 nmask=255.255.0.0
[2007/04/04 17:00:13, 10] libsmb/namequery.c:internal_resolve_name(1132)
internal_resolve_name: looking up XANQANET1#1b
[2007/04/04 17:00:13, 5] lib/gencache.c:gencache_init(61)
Opening cache file at /var/run/samba/gencache.tdb
[2007/04/04 17:00:13, 10] lib/gencache.c:gencache_get(304)
Returning valid cache entry: key = NBT/XANQANET1#1B, value =
172.18.0.3:0, timeout = Wed Apr 4 17:05:50 2007
[2007/04/04 17:00:13, 5] libsmb/namecache.c:namecache_fetch(216)
name XANQANET1#1B found.
[2007/04/04 17:00:13, 10] libsmb/namequery.c:name_status_find(276)
name_status_find: looking up XANQANET1#1b at 172.18.0.3
[2007/04/04 17:00:13, 10] lib/gencache.c:gencache_get(304)
Returning valid cache entry: key = NBT/XANQANET1#1B.20.172.18.0.3,
value = MASTER1, timeout = Wed Apr 4 17:05:50 2007
[2007/04/04 17:00:13, 5] libsmb/namecache.c:namecache_status_fetch(324)
namecache_status_fetch: key NBT/XANQANET1#1B.20.172.18.0.3 -> MASTER1
[2007/04/04 17:00:16, 3] libsmb/cliconnect.c:cli_start_connection(1426)
Connecting to host=MASTER1
[2007/04/04 17:00:16, 3] lib/util_sock.c:open_socket_out(874)
Connecting to 172.18.0.3 at port 445
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option SO_KEEPALIVE = 0
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option SO_REUSEADDR = 0
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option SO_BROADCAST = 0
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option TCP_NODELAY = 1
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option TCP_KEEPCNT = 9
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option TCP_KEEPIDLE = 7200
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option TCP_KEEPINTVL = 75
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option IPTOS_LOWDELAY = 0
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option IPTOS_THROUGHPUT = 0
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option SO_SNDBUF = 16384
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option SO_RCVBUF = 87380
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option SO_SNDLOWAT = 1
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option SO_RCVLOWAT = 1
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option SO_SNDTIMEO = 0
[2007/04/04 17:00:16, 5] lib/util_sock.c:print_socket_options(206)
socket option SO_RCVTIMEO = 0
[2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(132)
write_socket(4,183)
[2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(135)
write_socket(4,183) wrote 183
[2007/04/04 17:00:16, 10]
lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 113
[2007/04/04 17:00:16, 5] lib/util.c:show_msg(485)
[2007/04/04 17:00:16, 5] lib/util.c:show_msg(495)
size=113
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=22054
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[ 0]= 8 (0x8)
smb_vwv[ 1]=12815 (0x320F)
smb_vwv[ 2]= 256 (0x100)
smb_vwv[ 3]= 1024 (0x400)
smb_vwv[ 4]= 17 (0x11)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 256 (0x100)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]= 499 (0x1F3)
smb_vwv[11]=64512 (0xFC00)
smb_vwv[12]=21932 (0x55AC)
smb_vwv[13]=64563 (0xFC33)
smb_vwv[14]=51062 (0xC776)
smb_vwv[15]=61441 (0xF001)
smb_vwv[16]= 2048 (0x800)
smb_bcc=44
[2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222)
[000] 08 EE 0C 53 93 AD 3B 1D 58 00 41 00 4E 00 51 00 ...S..;. X.A.N.Q.
[010] 41 00 4E 00 45 00 54 00 31 00 00 00 4D 00 41 00 A.N.E.T. 1...M.A.
[020] 53 00 54 00 45 00 52 00 31 00 00 00 S.T.E.R. 1...
[2007/04/04 17:00:16, 5] lib/util.c:show_msg(485)
[2007/04/04 17:00:16, 5] lib/util.c:show_msg(495)
size=113
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=22054
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[ 0]= 8 (0x8)
smb_vwv[ 1]=12815 (0x320F)
smb_vwv[ 2]= 256 (0x100)
smb_vwv[ 3]= 1024 (0x400)
smb_vwv[ 4]= 17 (0x11)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 256 (0x100)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]= 499 (0x1F3)
smb_vwv[11]=64512 (0xFC00)
smb_vwv[12]=21932 (0x55AC)
smb_vwv[13]=64563 (0xFC33)
smb_vwv[14]=51062 (0xC776)
smb_vwv[15]=61441 (0xF001)
smb_vwv[16]= 2048 (0x800)
smb_bcc=44
[2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222)
[000] 08 EE 0C 53 93 AD 3B 1D 58 00 41 00 4E 00 51 00 ...S..;. X.A.N.Q.
[010] 41 00 4E 00 45 00 54 00 31 00 00 00 4D 00 41 00 A.N.E.T. 1...M.A.
[020] 53 00 54 00 45 00 52 00 31 00 00 00 S.T.E.R. 1...
[2007/04/04 17:00:16, 5]
libsmb/smb_signing.c:set_smb_signing_real_common(141)
Mandatory SMB signing enabled!
[2007/04/04 17:00:16, 5]
libsmb/smb_signing.c:set_smb_signing_real_common(145)
SMB signing enabled!
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:cli_simple_set_signing(487)
cli_simple_set_signing: user_session_key
[2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222)
[000] 93 81 E6 97 AB C0 DB 8D 46 1F 6E BA 64 EA 86 C4 ........ F.n.d...
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:cli_simple_set_signing(492)
cli_simple_set_signing: response_data
[2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222)
[000] 83 DF D1 94 32 64 EF 3D 6D A3 34 B3 F5 25 EB A9 ....2d.= m.4..%..
[010] 94 16 E3 35 CD AD 98 01 ...5....
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 0
[2007/04/04 17:00:16, 10]
libsmb/smb_signing.c:client_sign_outgoing_message(348)
client_sign_outgoing_message: sent SMB signature of
[2007/04/04 17:00:16, 10] lib/util.c:dump_data(2222)
[000] E9 6F CB EA A4 15 B6 91 .o......
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:store_sequence_for_reply(68)
store_sequence_for_reply: stored seq = 1 mid = 2
[2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(132)
write_socket(4,172)
[2007/04/04 17:00:16, 6] libsmb/clientgen.c:write_socket(135)
write_socket(4,172) wrote 172
[2007/04/04 17:00:16, 10]
lib/util_sock.c:read_smb_length_return_keepalive(623)
got smb length of 35
[2007/04/04 17:00:16, 5] lib/util.c:show_msg(485)
[2007/04/04 17:00:16, 5] lib/util.c:show_msg(495)
size=35
smb_com=0x73
smb_rcls=152
smb_reh=1
smb_err=49152
smb_flg=136
smb_flg2=49157
smb_tid=0
smb_pid=22054
smb_uid=0
smb_mid=2
smt_wct=0
smb_bcc=0
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:get_sequence_for_reply(81)
get_sequence_for_reply: found seq = 1 mid = 2
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 1
[2007/04/04 17:00:16, 5]
libsmb/smb_signing.c:client_check_incoming_message(408)
client_check_incoming_message: BAD SIG: wanted SMB signature of
[2007/04/04 17:00:16, 5] lib/util.c:dump_data(2222)
[000] B5 BD 56 F1 94 91 FD DC
[2007/04/04 17:00:16, 5]
libsmb/smb_signing.c:client_check_incoming_message(411)
client_check_incoming_message: BAD SIG: got SMB signature of
[2007/04/04 17:00:16, 5] lib/util.c:dump_data(2222)
[000] E9 6F CB EA A4 15 B6 91 .o......
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 4294967292
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 4294967293
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 4294967294
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 4294967295
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 0
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 1
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 2
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 3
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 4
[2007/04/04 17:00:16, 10] libsmb/smb_signing.c:simple_packet_signature(283)
simple_packet_signature: sequence number 5
[2007/04/04 17:00:16, 0] libsmb/smb_signing.c:signing_good(253)
signing_good: BAD SIG: seq 1
[2007/04/04 17:00:16, 0] libsmb/clientgen.c:cli_receive_smb(119)
SMB Signature verification failed on incoming packet!
[2007/04/04 17:00:16, 3] libsmb/cliconnect.c:cli_session_setup(893)
cli_session_setup: NT1 session setup failed!
[2007/04/04 17:00:16, 1] libsmb/cliconnect.c:cli_full_connection(1523)
failed session setup with NT_STATUS_INVALID_PARAMETER
[2007/04/04 17:00:16, 10] intl/lang_tdb.c:lang_tdb_init(138)
lang_tdb_init: /usr/share/samba/en_US.msg: No such file or directory
Could not connect to server MASTER1
[2007/04/04 17:00:16, 0] utils/net_rpc.c:rpc_trustdom_establish(5640)
Couldn't verify trusting domain account. Error was
NT_STATUS_INVALID_PARAMETER
[2007/04/04 17:00:16, 2] utils/net.c:main(988)
return code = -1
Jeremy Allison
2007-Apr-12 17:36 UTC
[Samba] SMB Signature verification failed when establish trust with win2003 domain
On Wed, Apr 11, 2007 at 09:36:55AM -0400, Lin Li wrote:> I found the solution. When the problem happens I set the "client use > spnego" to no. If I set it to yes, the trust works.Can you get me a wireshare/ethereal trace of the failure case please ! Jeremy.