Re: NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE with Server 2008R2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Same thing here...

SPNEGO login failed: Trust relationship failure

As already reported in an earlier post ...

Only difference is "security = ads" instead of "domain". So my Linux system (POSBIS) is an AD member and shares some directories on the Linux Box. Samba Version is 3.6.x. The DNS configuration is correct and joining the AD works fine. The exact same configuration worked on an earlier samba version against the same Windows 2008 R2 domain controller. Something must have changed in later versions of SAMBA
breaking the Trust Releationship.

Can anybody in short list all group policies needed on Windows Server 2008 R2 side an all smb.conf settings on the SAMBA client side to get
this constellation to workwith SAMBA 3.6.x (maybe 3.5.x as well).

I really have no idea why it is not working anymore...

Regards,
Oliver

-------------------

[root@posbis ~]# net ads testjoin
Join is OK
[root@posbis ~]#

smbclient -L POSBIS -U rhodan -d10 -s /etc/samba/smb.conf

INFO: Current debug levels:
  all: 10
  tdb: 10
  printdrivers: 10
  lanman: 10
  smb: 10
  rpc_parse: 10
  rpc_srv: 10
  rpc_cli: 10
  passdb: 10
  sam: 10
  auth: 10
  winbind: 10
  vfs: 10
  idmap: 10
  quota: 10
  acls: 10
  locking: 10
  msdfs: 10
  dmapi: 10
  registry: 10
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 10
  tdb: 10
  printdrivers: 10
  lanman: 10
  smb: 10
  rpc_parse: 10
  rpc_srv: 10
  rpc_cli: 10
  passdb: 10
  sam: 10
  auth: 10
  winbind: 10
  vfs: 10
  idmap: 10
  quota: 10
  acls: 10
  locking: 10
  msdfs: 10
  dmapi: 10
  registry: 10
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
doing parameter workgroup = SOLAR-IMPERIUM
doing parameter server string = Samba Server Version %v
doing parameter netbios name = POSBIS
handle_netbios_name: set global_myname to: POSBIS
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 50
doing parameter include = /user1/config/samba/ads.conf
params.c:pm_process() - Processing configuration file "/user1/config/samba/ads.conf"
doing parameter security = ads
doing parameter passdb backend = tdbsam
doing parameter realm = SOLAR-IMPERIUM.COM
doing parameter username map = /etc/samba/smbusers
doing parameter encrypt passwords = yes
doing parameter client ntlmv2 auth = no
doing parameter send spnego principal = no
doing parameter load printers = yes
doing parameter cups options = raw
pm_process() returned Yes
lp_servicenumber: couldn't find homes
set_server_role: role = ROLE_DOMAIN_MEMBER
Substituting charset 'UTF-8' for LOCALE
added interface em1 ip=fe80::20c:76ff:fe24:eefa%em1 bcast=fe80::ffff:ffff:ffff:ffff%em1 netmask=ffff:ffff:ffff:ffff::
added interface em1 ip=192.168.1.3 bcast=192.168.1.255 netmask=255.255.255.0
Netbios name list:-
my_netbios_names[0]="POSBIS"
Client started (version 3.6.3-78.fc16).
Opening cache file at /var/lib/samba/gencache.tdb
Opening cache file at /var/lib/samba/gencache_notrans.tdb
sitename_fetch: Returning sitename for SOLAR-IMPERIUM.COM: "Solar-System"
internal_resolve_name: looking up POSBIS#20 (sitename Solar-System)
name POSBIS#20 found.
Running timed event "tevent_req_timedout" 0x21b636a8
Connecting to ::1 at port 445
Socket options:
    SO_KEEPALIVE = 0
    SO_REUSEADDR = 0
    SO_BROADCAST = 0
    TCP_NODELAY = 1
    TCP_KEEPCNT = 9
    TCP_KEEPIDLE = 7200
    TCP_KEEPINTVL = 75
    IPTOS_LOWDELAY = 0
    IPTOS_THROUGHPUT = 0
    SO_SNDBUF = 170640
    SO_RCVBUF = 87380
    SO_SNDLOWAT = 1
    SO_RCVLOWAT = 1
    SO_SNDTIMEO = 0
    SO_RCVTIMEO = 0
    TCP_QUICKACK = 1
 session request ok
Substituting charset 'UTF-8' for LOCALE
Doing spnego session setup (blob length=112)
got OID=1.2.840.113554.1.2.2
got OID=1.2.840.48018.1.2.2
got OID=1.3.6.1.4.1.311.2.2.10
got principal=not_defined_in_RFC4178@please_ignore
convert_string_internal: Conversion error: Illegal multibyte sequence()
     negotiate: struct NEGOTIATE_MESSAGE
        Signature                : 'NTLMSSP'
        MessageType              : NtLmNegotiate (1)
        NegotiateFlags           : 0x60088215 (1611170325)
               1: NTLMSSP_NEGOTIATE_UNICODE
               0: NTLMSSP_NEGOTIATE_OEM
               1: NTLMSSP_REQUEST_TARGET
               1: NTLMSSP_NEGOTIATE_SIGN
               0: NTLMSSP_NEGOTIATE_SEAL
               0: NTLMSSP_NEGOTIATE_DATAGRAM
               0: NTLMSSP_NEGOTIATE_LM_KEY
               0: NTLMSSP_NEGOTIATE_NETWARE
               1: NTLMSSP_NEGOTIATE_NTLM
               0: NTLMSSP_NEGOTIATE_NT_ONLY
               0: NTLMSSP_ANONYMOUS
               0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
               0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
               0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
               1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
               0: NTLMSSP_TARGET_TYPE_DOMAIN
               0: NTLMSSP_TARGET_TYPE_SERVER
               0: NTLMSSP_TARGET_TYPE_SHARE
               1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
               0: NTLMSSP_NEGOTIATE_IDENTIFY
               0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
               0: NTLMSSP_NEGOTIATE_TARGET_INFO
               0: NTLMSSP_NEGOTIATE_VERSION
               1: NTLMSSP_NEGOTIATE_128
               1: NTLMSSP_NEGOTIATE_KEY_EXCH
               0: NTLMSSP_NEGOTIATE_56
        DomainNameLen            : 0x000e (14)
        DomainNameMaxLen         : 0x000e (14)
        DomainName               : *
            DomainName               : 'SOLAR-IMPERIUM'
        WorkstationLen           : 0x0006 (6)
        WorkstationMaxLen        : 0x0006 (6)
        Workstation              : *
            Workstation              : 'POSBIS'
     challenge: struct CHALLENGE_MESSAGE
        Signature                : 'NTLMSSP'
        MessageType              : NtLmChallenge (0x2)
        TargetNameLen            : 0x001c (28)
        TargetNameMaxLen         : 0x001c (28)
        TargetName               : *
            TargetName               : 'SOLAR-IMPERIUM'
        NegotiateFlags           : 0x60898215 (1619624469)
               1: NTLMSSP_NEGOTIATE_UNICODE
               0: NTLMSSP_NEGOTIATE_OEM
               1: NTLMSSP_REQUEST_TARGET
               1: NTLMSSP_NEGOTIATE_SIGN
               0: NTLMSSP_NEGOTIATE_SEAL
               0: NTLMSSP_NEGOTIATE_DATAGRAM
               0: NTLMSSP_NEGOTIATE_LM_KEY
               0: NTLMSSP_NEGOTIATE_NETWARE
               1: NTLMSSP_NEGOTIATE_NTLM
               0: NTLMSSP_NEGOTIATE_NT_ONLY
               0: NTLMSSP_ANONYMOUS
               0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
               0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
               0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
               1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
               1: NTLMSSP_TARGET_TYPE_DOMAIN
               0: NTLMSSP_TARGET_TYPE_SERVER
               0: NTLMSSP_TARGET_TYPE_SHARE
               1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
               0: NTLMSSP_NEGOTIATE_IDENTIFY
               0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
               1: NTLMSSP_NEGOTIATE_TARGET_INFO
               0: NTLMSSP_NEGOTIATE_VERSION
               1: NTLMSSP_NEGOTIATE_128
               1: NTLMSSP_NEGOTIATE_KEY_EXCH
               0: NTLMSSP_NEGOTIATE_56
        ServerChallenge          : b4184a42ca05636e
        Reserved                 : 0000000000000000
        TargetInfoLen            : 0x0076 (118)
        TargetNameInfoMaxLen     : 0x0076 (118)
        TargetInfo               : *
            TargetInfo: struct AV_PAIR_LIST
                count                    : 0x00000005 (5)
                pair: ARRAY(5)
                    pair: struct AV_PAIR
                        AvId                     : MsvAvNbDomainName (0x2)
                        AvLen                    : 0x001c (28)
Value : union ntlmssp_AvValue(case 0x2)
                        AvNbDomainName           : 'SOLAR-IMPERIUM'
                    pair: struct AV_PAIR
AvId : MsvAvNbComputerName (0x1)
                        AvLen                    : 0x000c (12)
Value : union ntlmssp_AvValue(case 0x1)
                        AvNbComputerName         : 'POSBIS'
                    pair: struct AV_PAIR
                        AvId                     : MsvAvDnsDomainName (0x4)
                        AvLen                    : 0x0016 (22)
Value : union ntlmssp_AvValue(case 0x4)
                        AvDnsDomainName          : 'rehmann.org'
                    pair: struct AV_PAIR
AvId : MsvAvDnsComputerName (0x3)
                        AvLen                    : 0x0024 (36)
Value : union ntlmssp_AvValue(case 0x3)
                        AvDnsComputerName        : 'posbis.rehmann.org'
                    pair: struct AV_PAIR
                        AvId                     : MsvAvEOL (0x0)
                        AvLen                    : 0x0000 (0)
Value : union ntlmssp_AvValue(case 0x0)
Got challenge flags:
Got NTLMSSP neg_flags=0x60898215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_NEGOTIATE_NTLM2
  NTLMSSP_NEGOTIATE_TARGET_INFO
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_NEGOTIATE_NTLM2
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP challenge set by NTLM2
challenge is:
[0000] 06 23 36 F2 42 36 42 9E                            .#6.B6B.
     authenticate: struct AUTHENTICATE_MESSAGE
        Signature                : 'NTLMSSP'
        MessageType              : NtLmAuthenticate (3)
        LmChallengeResponseLen   : 0x0018 (24)
        LmChallengeResponseMaxLen: 0x0018 (24)
        LmChallengeResponse      : *
            LmChallengeResponse      : union ntlmssp_LM_RESPONSE(case 24)
            v1: struct LM_RESPONSE
Response : 9a7094be3dc810ca00000000000000000000000000000000
        NtChallengeResponseLen   : 0x0018 (24)
        NtChallengeResponseMaxLen: 0x0018 (24)
        NtChallengeResponse      : *
            NtChallengeResponse      : union ntlmssp_NTLM_RESPONSE(case 24)
            v1: struct NTLM_RESPONSE
Response : cc27c54ccb09bfa7bf80c69fde723b4f218769db65228e49
        DomainNameLen            : 0x001c (28)
        DomainNameMaxLen         : 0x001c (28)
        DomainName               : *
            DomainName               : 'SOLAR-IMPERIUM'
        UserNameLen              : 0x000c (12)
        UserNameMaxLen           : 0x000c (12)
        UserName                 : *
            UserName                 : 'rhodan'
        WorkstationLen           : 0x000c (12)
        WorkstationMaxLen        : 0x000c (12)
        Workstation              : *
            Workstation              : 'POSBIS'
        EncryptedRandomSessionKeyLen: 0x0010 (16)
        EncryptedRandomSessionKeyMaxLen: 0x0010 (16)
        EncryptedRandomSessionKey: *
            EncryptedRandomSessionKey: DATA_BLOB length=16
[0000] 26 63 57 46 C3 10 E5 D8   22 66 65 69 36 36 D9 43 &cWF.... "fei66.C
        NegotiateFlags           : 0x60088215 (1611170325)
               1: NTLMSSP_NEGOTIATE_UNICODE
               0: NTLMSSP_NEGOTIATE_OEM
               1: NTLMSSP_REQUEST_TARGET
               1: NTLMSSP_NEGOTIATE_SIGN
               0: NTLMSSP_NEGOTIATE_SEAL
               0: NTLMSSP_NEGOTIATE_DATAGRAM
               0: NTLMSSP_NEGOTIATE_LM_KEY
               0: NTLMSSP_NEGOTIATE_NETWARE
               1: NTLMSSP_NEGOTIATE_NTLM
               0: NTLMSSP_NEGOTIATE_NT_ONLY
               0: NTLMSSP_ANONYMOUS
               0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
               0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
               0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
               1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
               0: NTLMSSP_TARGET_TYPE_DOMAIN
               0: NTLMSSP_TARGET_TYPE_SERVER
               0: NTLMSSP_TARGET_TYPE_SHARE
               1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
               0: NTLMSSP_NEGOTIATE_IDENTIFY
               0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
               0: NTLMSSP_NEGOTIATE_TARGET_INFO
               0: NTLMSSP_NEGOTIATE_VERSION
               1: NTLMSSP_NEGOTIATE_128
               1: NTLMSSP_NEGOTIATE_KEY_EXCH
               0: NTLMSSP_NEGOTIATE_56
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_NEGOTIATE_NTLM2
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
SPNEGO login failed: Trust relationship failure
lang_tdb_init: /usr/lib/samba/en_US.UTF-8.msg: No such file or directory
session setup failed: NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE








On 15.04.2012 01:31, Chrisopher R Davis wrote:
I am having problems implementing Samba using security=domain against a Windows 2008R2 server.

I have been able to successfully join the domain via a net rpc join. Anytime I try to access a share through smbclient I get a NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE but nothing in the logs (on either side) seems to be giving me any leads on where to look. The system is locked down to allow NTLv2 ONLY.

The 2008R2 server is running with a number of additional security lock-downs and it is somewhat likely one or more of those may be the culprit but I'm hoping someone might have an idea of a specific place to start looking.


Any help would be much appreciated - I can dig up more logs if needed.



I have included my smb.conf, the output from a a net rpg testjoin and output from my test run of smbclient

#########################################################################################################

My smb.conf:


[global]
        workgroup = MYDOMAIN
        netbios name = myserver
        security = domain
        password server = dc1
        server string = Samba (%v) domain (%h)
        username map = /cm-views/samba.server/lib/users.map
        log level = 10
        log file = /cm-views/samba.server/logs/log.%m
        lock dir = /cm-views/samba.server/locks
        private dir = /cm-views/samba.server/private
        client use spnego = yes
        client ntlmv2 auth = yes
        client signing = yes
        server signing = yes
        client ldap sasl wrapping = seal
        client schannel = yes
        server schannel = yes
        encrypt passwords = yes



[test]
        comment = Monitor Directory for Sun Cluster
        path = /cm-views/samba.server/logs
        guest ok = Yes

#########################################################################################################





[root@cc1 /cm-views/samba.server/logs ]# net rpc testjoin -s ../lib/smb.conf
Join to 'MYDOMAIN' is OK



#########################################################################################################



[root@cc1 /cm-views/samba.server/logs ]# smbclient -L myserver -U cdavis15 -s ../lib/smb.conf -d10
INFO: Current debug levels:
  all: True/10
  tdb: False/0
  printdrivers: False/0
  lanman: False/0
  smb: False/0
  rpc_parse: False/0
  rpc_srv: False/0
  rpc_cli: False/0
  passdb: False/0
  sam: False/0
  auth: False/0
  winbind: False/0
  vfs: False/0
  idmap: False/0
  quota: False/0
  acls: False/0
  locking: False/0
  msdfs: False/0
  dmapi: False/0
  registry: False/0
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (256) to minimum Windows limit (16384)
params.c:pm_process() - Processing configuration file "../lib/smb.conf"
Processing section "[global]"
doing parameter workgroup = MYDOMAIN
doing parameter netbios name = myserver
handle_netbios_name: set global_myname to: myserver
doing parameter security = domain
doing parameter password server = dc1
doing parameter server string = Samba (%v) domain (%h)
doing parameter username map = /cm-views/samba.server/lib/users.map
doing parameter log level = 10
doing parameter log file = /cm-views/samba.server/logs/log.%m
doing parameter lock dir = /cm-views/samba.server/locks
doing parameter private dir = /cm-views/samba.server/private
doing parameter client use spnego = yes
doing parameter client ntlmv2 auth = yes
doing parameter client signing = yes
doing parameter server signing = yes
doing parameter client ldap sasl wrapping = seal
doing parameter client schannel = yes
doing parameter server schannel = yes
doing parameter encrypt passwords = yes
pm_process() returned Yes
lp_servicenumber: couldn't find homes
set_server_role: role = ROLE_DOMAIN_MEMBER
Attempting to register new charset UCS-2LE
Registered charset UCS-2LE
Attempting to register new charset UTF-16LE
Registered charset UTF-16LE
Attempting to register new charset UCS-2BE
Registered charset UCS-2BE
Attempting to register new charset UTF-16BE
Registered charset UTF-16BE
Attempting to register new charset UTF8
Registered charset UTF8
Attempting to register new charset UTF-8
Registered charset UTF-8
Attempting to register new charset ASCII
Registered charset ASCII
Attempting to register new charset 646
Registered charset 646
Attempting to register new charset ISO-8859-1
Registered charset ISO-8859-1
Attempting to register new charset UCS2-HEX
Registered charset UCS2-HEX
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
added interface bge1 ip=172.16.0.130 bcast=172.16.0.255 netmask=255.255.255.128 added interface bge3 ip=172.16.1.2 bcast=172.16.1.127 netmask=255.255.255.128 added interface clprivnet0 ip=172.16.4.2 bcast=172.16.5.255 netmask=255.255.254.0 added interface bge0 ip=10.10.10.43 bcast=10.10.10.255 netmask=255.255.255.0 added interface bge0:2 ip=10.10.10.60 bcast=10.10.10.255 netmask=255.255.255.0 added interface bge0:4 ip=10.10.10.61 bcast=10.10.10.255 netmask=255.255.255.0 added interface bge0:3 ip=10.10.10.62 bcast=10.10.10.255 netmask=255.255.255.0
add_interface: not adding duplicate interface 0.0.0.0
Netbios name list:-
my_netbios_names[0]="myserver"
Client started (version 3.5.8).
Enter cdavis15's password:
Opening cache file at /cm-views/samba.server/locks/gencache.tdb
Opening cache file at /cm-views/samba.server/locks/gencache_notrans.tdb
Cache entry with key = AD_SITENAME/DOMAIN/ couldn't be found
sitename_fetch: No stored sitename for
internal_resolve_name: looking up myserver#20 (sitename (null))
Cache entry with key = NBT/myserver#20 couldn't be found
no entry for myserver#20 found.
resolve_lmhosts: Attempting lmhosts lookup for name myserver<0x20>
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
resolve_wins: Attempting wins lookup for name myserver<0x20>
resolve_wins: WINS server resolution selected and no WINS servers listed.
resolve_hosts: Attempting host lookup for name myserver<0x20>
remove_duplicate_addrs2: looking for duplicate address/port pairs
namecache_store: storing 1 address for myserver#20: 10.10.10.62
Adding cache entry with key = NBT/myserver#20 and timeout = Fri Apr 13 17:34:17 2012
 (660 seconds ahead)
internal_resolve_name: returning 1 addresses: 10.10.10.62:0
Running timed event "tevent_req_timedout" 7b11d0
Connecting to 10.10.10.62 at port 445
Socket options:
        SO_KEEPALIVE = 0
        SO_REUSEADDR = 0
        SO_BROADCAST = 0
        TCP_NODELAY = 1
        IPTOS_LOWDELAY = 0
        IPTOS_THROUGHPUT = 0
        SO_SNDBUF = 49152
        SO_RCVBUF = 49152
        Could not test socket option SO_SNDLOWAT.
        Could not test socket option SO_RCVLOWAT.
        Could not test socket option SO_SNDTIMEO.
        Could not test socket option SO_RCVTIMEO.
 session request ok
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Substituting charset 'ISO8859-1' for LOCALE
Doing spnego session setup (blob length=58)
got OID=1.3.6.1.4.1.311.2.2.10
got principal=NONE
&negotiate: struct NEGOTIATE_MESSAGE
        Signature                : 'NTLMSSP'
        MessageType              : NtLmNegotiate (1)
        NegotiateFlags           : 0x60088215 (1611170325)
               1: NTLMSSP_NEGOTIATE_UNICODE
               0: NTLMSSP_NEGOTIATE_OEM
               1: NTLMSSP_REQUEST_TARGET
               1: NTLMSSP_NEGOTIATE_SIGN
               0: NTLMSSP_NEGOTIATE_SEAL
               0: NTLMSSP_NEGOTIATE_DATAGRAM
               0: NTLMSSP_NEGOTIATE_LM_KEY
               0: NTLMSSP_NEGOTIATE_NETWARE
               1: NTLMSSP_NEGOTIATE_NTLM
               0: NTLMSSP_NEGOTIATE_NT_ONLY
               0: NTLMSSP_ANONYMOUS
               0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
               0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
               0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
               1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
               0: NTLMSSP_TARGET_TYPE_DOMAIN
               0: NTLMSSP_TARGET_TYPE_SERVER
               0: NTLMSSP_TARGET_TYPE_SHARE
               1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
               0: NTLMSSP_NEGOTIATE_IDENTIFY
               0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
               0: NTLMSSP_NEGOTIATE_TARGET_INFO
               0: NTLMSSP_NEGOTIATE_VERSION
               1: NTLMSSP_NEGOTIATE_128
               1: NTLMSSP_NEGOTIATE_KEY_EXCH
               0: NTLMSSP_NEGOTIATE_56
        DomainNameLen            : 0x0007 (7)
        DomainNameMaxLen         : 0x0007 (7)
        DomainName               : *
            DomainName               : 'MYDOMAIN'
        WorkstationLen           : 0x000f (15)
        WorkstationMaxLen        : 0x000f (15)
        Workstation              : *
            Workstation              : 'myserver'
smb_signing_sign_pdu: sent SMB signature of
[0000] 42 53 52 53 50 59 4C 20                            BSRSPYL
write_socket(6,174)
write_socket(6,174) wrote 174
got smb length of 256
size=256
smb_com=0x73
smb_rcls=22
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51203
smb_tid=0
smb_pid=28352
smb_uid=100
smb_mid=2
smt_wct=4
smb_vwv[ 0]=  255 (0xFF)
smb_vwv[ 1]=    0 (0x0)
smb_vwv[ 2]=    0 (0x0)
smb_vwv[ 3]=  163 (0xA3)
smb_bcc=213
[0000] A1 81 A0 30 81 9D A0 03 0A 01 01 A1 0C 06 0A 2B ¡. 0.. . ...¡...+ [0010] 06 01 04 01 82 37 02 02 0A A2 81 87 04 81 84 4E .....7.. .......N [0020] 54 4C 4D 53 53 50 00 02 00 00 00 0E 00 0E 00 30 TLMSSP.. .......0 [0030] 00 00 00 15 82 89 60 79 0C B4 2C A3 64 A6 AD 00 ......`y ..,.d... [0040] 00 00 00 00 00 00 00 46 00 46 00 3E 00 00 00 53 .......F .F.>...S [0050] 00 50 00 45 00 43 00 54 00 52 00 45 00 02 00 0E .P.E.C.T .R.E.... [0060] 00 53 00 50 00 45 00 43 00 54 00 52 00 45 00 01 .S.P.E.C .T.R.E.. [0070] 00 1E 00 43 00 4F 00 53 00 2D 00 43 00 43 00 2D ...C.O.S .-.C.C.- [0080] 00 43 00 4D 00 2D 00 56 00 49 00 45 00 57 00 53 .C.M.-.V .I.E.W.S [0090] 00 04 00 00 00 03 00 06 00 63 00 63 00 31 00 00 ........ .c.c.1.. [00A0] 00 00 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 ...U.n.i .x...S.a [00B0] 00 6D 00 62 00 61 00 20 00 33 00 2E 00 35 00 2E .m.b.a. .3...5.. [00C0] 00 38 00 00 00 53 00 50 00 45 00 43 00 54 00 52 .8...S.P .E.C.T.R
[00D0] 00 45 00 00 00                                    .E...
size=256
smb_com=0x73
smb_rcls=22
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51203
smb_tid=0
smb_pid=28352
smb_uid=100
smb_mid=2
smt_wct=4
smb_vwv[ 0]=  255 (0xFF)
smb_vwv[ 1]=    0 (0x0)
smb_vwv[ 2]=    0 (0x0)
smb_vwv[ 3]=  163 (0xA3)
smb_bcc=213
[0000] A1 81 A0 30 81 9D A0 03 0A 01 01 A1 0C 06 0A 2B ¡. 0.. . ...¡...+ [0010] 06 01 04 01 82 37 02 02 0A A2 81 87 04 81 84 4E .....7.. .......N [0020] 54 4C 4D 53 53 50 00 02 00 00 00 0E 00 0E 00 30 TLMSSP.. .......0 [0030] 00 00 00 15 82 89 60 79 0C B4 2C A3 64 A6 AD 00 ......`y ..,.d... [0040] 00 00 00 00 00 00 00 46 00 46 00 3E 00 00 00 53 .......F .F.>...S [0050] 00 50 00 45 00 43 00 54 00 52 00 45 00 02 00 0E .P.E.C.T .R.E.... [0060] 00 53 00 50 00 45 00 43 00 54 00 52 00 45 00 01 .S.P.E.C .T.R.E.. [0070] 00 1E 00 43 00 4F 00 53 00 2D 00 43 00 43 00 2D ...C.O.S .-.C.C.- [0080] 00 43 00 4D 00 2D 00 56 00 49 00 45 00 57 00 53 .C.M.-.V .I.E.W.S [0090] 00 04 00 00 00 03 00 06 00 63 00 63 00 31 00 00 ........ .c.c.1.. [00A0] 00 00 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 ...U.n.i .x...S.a [00B0] 00 6D 00 62 00 61 00 20 00 33 00 2E 00 35 00 2E .m.b.a. .3...5.. [00C0] 00 38 00 00 00 53 00 50 00 45 00 43 00 54 00 52 .8...S.P .E.C.T.R
[00D0] 00 45 00 00 00                                    .E...
&challenge: struct CHALLENGE_MESSAGE
        Signature                : 'NTLMSSP'
        MessageType              : NtLmChallenge (0x2)
        TargetNameLen            : 0x000e (14)
        TargetNameMaxLen         : 0x000e (14)
        TargetName               : *
            TargetName               : 'MYDOMAIN'
        NegotiateFlags           : 0x60898215 (1619624469)
               1: NTLMSSP_NEGOTIATE_UNICODE
               0: NTLMSSP_NEGOTIATE_OEM
               1: NTLMSSP_REQUEST_TARGET
               1: NTLMSSP_NEGOTIATE_SIGN
               0: NTLMSSP_NEGOTIATE_SEAL
               0: NTLMSSP_NEGOTIATE_DATAGRAM
               0: NTLMSSP_NEGOTIATE_LM_KEY
               0: NTLMSSP_NEGOTIATE_NETWARE
               1: NTLMSSP_NEGOTIATE_NTLM
               0: NTLMSSP_NEGOTIATE_NT_ONLY
               0: NTLMSSP_ANONYMOUS
               0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
               0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
               0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
               1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
               1: NTLMSSP_TARGET_TYPE_DOMAIN
               0: NTLMSSP_TARGET_TYPE_SERVER
               0: NTLMSSP_TARGET_TYPE_SHARE
               1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
               0: NTLMSSP_NEGOTIATE_IDENTIFY
               0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
               1: NTLMSSP_NEGOTIATE_TARGET_INFO
               0: NTLMSSP_NEGOTIATE_VERSION
               1: NTLMSSP_NEGOTIATE_128
               1: NTLMSSP_NEGOTIATE_KEY_EXCH
               0: NTLMSSP_NEGOTIATE_56
        ServerChallenge          : 790cb42ca364a6ad
        Reserved                 : 0000000000000000
        TargetInfoLen            : 0x0046 (70)
        TargetNameInfoMaxLen     : 0x0046 (70)
        TargetInfo               : *
            TargetInfo: struct AV_PAIR_LIST
                count                    : 0x00000005 (5)
                pair: ARRAY(5)
                    pair: struct AV_PAIR
AvId : MsvAvNbDomainName (0x2)
                        AvLen                    : 0x000e (14)
Value : union ntlmssp_AvValue(case 0x2)
                        AvNbDomainName           : 'MYDOMAIN'
                    pair: struct AV_PAIR
AvId : MsvAvNbComputerName (0x1)
                        AvLen                    : 0x001e (30)
Value : union ntlmssp_AvValue(case 0x1)
                        AvNbComputerName         : 'myserver'
                    pair: struct AV_PAIR
AvId : MsvAvDnsDomainName (0x4)
                        AvLen                    : 0x0000 (0)
Value : union ntlmssp_AvValue(case 0x4)
                        AvDnsDomainName          : ''
                    pair: struct AV_PAIR
AvId : MsvAvDnsComputerName (0x3)
                        AvLen                    : 0x0006 (6)
Value : union ntlmssp_AvValue(case 0x3)
                        AvDnsComputerName        : 'cc1'
                    pair: struct AV_PAIR
                        AvId                     : MsvAvEOL (0x0)
                        AvLen                    : 0x0000 (0)
Value : union ntlmssp_AvValue(case 0x0)
Got challenge flags:
Got NTLMSSP neg_flags=0x60898215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_NEGOTIATE_NTLM2
  NTLMSSP_NEGOTIATE_TARGET_INFO
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_NEGOTIATE_NTLM2
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
&authenticate: struct AUTHENTICATE_MESSAGE
        Signature                : 'NTLMSSP'
        MessageType              : NtLmAuthenticate (3)
        LmChallengeResponseLen   : 0x0018 (24)
        LmChallengeResponseMaxLen: 0x0018 (24)
        LmChallengeResponse      : *
            LmChallengeResponse      : union ntlmssp_LM_RESPONSE(case 24)
            v1: struct LM_RESPONSE
Response : 078e894cc35e1708df68607b51c47cd6fc4cd6febd7d4ca4
        NtChallengeResponseLen   : 0x0072 (114)
        NtChallengeResponseMaxLen: 0x0072 (114)
        NtChallengeResponse      : *
NtChallengeResponse : union ntlmssp_NTLM_RESPONSE(case 114)
            v2: struct NTLMv2_RESPONSE
Response : ff564e232df73299417995e0973dd4e3
                Challenge: struct NTLMv2_CLIENT_CHALLENGE
                    RespType                 : 0x01 (1)
                    HiRespType               : 0x01 (1)
                    Reserved1                : 0x0000 (0)
                    Reserved2                : 0x00000000 (0)
TimeStamp : April 13, 2012 05:23:17 PM GMT GMT
                    ChallengeFromClient      : 7cc0c9cc205d2ce2
                    Reserved3                : 0x00000000 (0)
                    AvPairs: struct AV_PAIR_LIST
                        count                    : 0x00000005 (5)
                        pair: ARRAY(5)
                            pair: struct AV_PAIR
AvId : MsvAvNbDomainName (0x2)
                                AvLen                    : 0x000e (14)
Value : union ntlmssp_AvValue(case 0x2)
                                AvNbDomainName           : 'MYDOMAIN'
                            pair: struct AV_PAIR
AvId : MsvAvNbComputerName (0x1)
                                AvLen                    : 0x001e (30)
Value : union ntlmssp_AvValue(case 0x1)
                                AvNbComputerName         : 'myserver'
                            pair: struct AV_PAIR
AvId : MsvAvDnsDomainName (0x4)
                                AvLen                    : 0x0000 (0)
Value : union ntlmssp_AvValue(case 0x4)
                                AvDnsDomainName          : ''
                            pair: struct AV_PAIR
AvId : MsvAvDnsComputerName (0x3)
                                AvLen                    : 0x0006 (6)
Value : union ntlmssp_AvValue(case 0x3)
                                AvDnsComputerName        : 'cc1'
                            pair: struct AV_PAIR
                                AvId                     : MsvAvEOL (0x0)
                                AvLen                    : 0x0000 (0)
Value : union ntlmssp_AvValue(case 0x0)
        DomainNameLen            : 0x000e (14)
        DomainNameMaxLen         : 0x000e (14)
        DomainName               : *
            DomainName               : 'MYDOMAIN'
        UserNameLen              : 0x0010 (16)
        UserNameMaxLen           : 0x0010 (16)
        UserName                 : *
            UserName                 : 'cdavis15'
        WorkstationLen           : 0x001e (30)
        WorkstationMaxLen        : 0x001e (30)
        Workstation              : *
            Workstation              : 'myserver'
        EncryptedRandomSessionKeyLen: 0x0010 (16)
        EncryptedRandomSessionKeyMaxLen: 0x0010 (16)
        EncryptedRandomSessionKey: *
            EncryptedRandomSessionKey: DATA_BLOB length=16
[0000] 7F 69 AF 9D 61 58 E0 8F FB 4B BF 94 3B B4 B9 EE .i..aXà. ûK¿.;..î
        NegotiateFlags           : 0x60088215 (1611170325)
               1: NTLMSSP_NEGOTIATE_UNICODE
               0: NTLMSSP_NEGOTIATE_OEM
               1: NTLMSSP_REQUEST_TARGET
               1: NTLMSSP_NEGOTIATE_SIGN
               0: NTLMSSP_NEGOTIATE_SEAL
               0: NTLMSSP_NEGOTIATE_DATAGRAM
               0: NTLMSSP_NEGOTIATE_LM_KEY
               0: NTLMSSP_NEGOTIATE_NETWARE
               1: NTLMSSP_NEGOTIATE_NTLM
               0: NTLMSSP_NEGOTIATE_NT_ONLY
               0: NTLMSSP_ANONYMOUS
               0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
               0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
               0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
               1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
               0: NTLMSSP_TARGET_TYPE_DOMAIN
               0: NTLMSSP_TARGET_TYPE_SERVER
               0: NTLMSSP_TARGET_TYPE_SHARE
               1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
               0: NTLMSSP_NEGOTIATE_IDENTIFY
               0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
               0: NTLMSSP_NEGOTIATE_TARGET_INFO
               0: NTLMSSP_NEGOTIATE_VERSION
               1: NTLMSSP_NEGOTIATE_128
               1: NTLMSSP_NEGOTIATE_KEY_EXCH
               0: NTLMSSP_NEGOTIATE_56
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
  NTLMSSP_NEGOTIATE_UNICODE
  NTLMSSP_REQUEST_TARGET
  NTLMSSP_NEGOTIATE_SIGN
  NTLMSSP_NEGOTIATE_NTLM
  NTLMSSP_NEGOTIATE_ALWAYS_SIGN
  NTLMSSP_NEGOTIATE_NTLM2
  NTLMSSP_NEGOTIATE_128
  NTLMSSP_NEGOTIATE_KEY_EXCH
smb_signing_sign_pdu: sent SMB signature of
[0000] 42 53 52 53 50 59 4C 20                            BSRSPYL
write_socket(6,380)
write_socket(6,380) wrote 380
got smb length of 35
size=35
smb_com=0x73
smb_rcls=141
smb_reh=1
smb_err=49152
smb_flg=136
smb_flg2=51203
smb_tid=0
smb_pid=28352
smb_uid=100
smb_mid=3
smt_wct=0
smb_bcc=0
size=35
smb_com=0x73
smb_rcls=141
smb_reh=1
smb_err=49152
smb_flg=136
smb_flg2=51203
smb_tid=0
smb_pid=28352
smb_uid=100
smb_mid=3
smt_wct=0
smb_bcc=0
SPNEGO login failed: Trust relationship failure
session setup failed: NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba



[Linux]     [Info Cyrus]     [LARTC]     [Bugtraq]     [Netfilter]     [Internet Dating Forums]     [RAID]     [Yosemite News]     [Photography]

Add to Google Powered by Linux