List 4 Windows NT 4.0クライアントからサイトを構成したActive Directoryドメインにログオンする場合のトレース
1 PC98-D LILY NBT NS: Query req. for ACTIVE <1B>
2 LILY PC98-D NBT NS: Query (Node Status) resp. for ACTIVE <1B>, Success
NBT: NS: Query (Node Status) resp. for ACTIVE <1B>, Success
NBT: Transaction ID = 32774 (0x8006)
NBT: Flags Summary = 0x8580 - Resp.; Query; Success
NBT: 1............... = Response
NBT: .0000........... = Query
NBT: .....1.......... = Authoritative Answer
NBT: ......0......... = Datagram not truncated
NBT: .......1........ = Recursion desired
NBT: ........1....... = Recursion available
NBT: .........0...... = Reserved
NBT: ..........0..... = Reserved
NBT: ...........0.... = Not a broadcast packet
NBT: ............0000 = Success
NBT: Question Count = 0 (0x0)
NBT: Answer Count = 1 (0x1)
NBT: Name Service Count = 0 (0x0)
NBT: Additional Record Count = 0 (0x0)
NBT: Resource Record Name = ACTIVE <1B>
NBT: Resource Record Type = NetBIOS General Name Service
NBT: Resource Record Class = Internet Class
NBT: Time To Live(Milliseconds) = 0 (0x0)
NBT: RDATA Length = 6 (0x6)
NBT: Resource Record Flags = 24576 (0x6000)
NBT: 0............... = Unique NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.1
3 PC98-D LILY Netlogon Query for Primary DC
4 LILY PC98-D Netlogon Response to Primary Query
Netlogon: Response to Primary Query
Netlogon: Opcode = Response to Primary Query
Netlogon: Primary DC Name = LILY
Netlogon: Pad = 0 (0x0)
Netlogon: Unicode Primary DC Name = LILY
Netlogon: Unicode Domain Name = ACTIVE
Netlogon: NT Version = 1 (0x1)
Netlogon: LMNT Token = WindowsNT Networking
Netlogon: LM20 Token = OS/2 LAN Manager 2.0 (or later) Networking
5 PC98-D LILY NBT NS: Query req. for LILY
6 LILY PC98-D NBT NS: Query (Node Status) resp. for LILY, Success
7 PC98-D LILY TCP ....S., len: 0, seq:2672866352-2672866352, ack: 0, win: 8192, src: 1025 dst: 139 (NBT Session)
8 LILY PC98-D TCP .A..S., len: 0, seq:3955174314-3955174314, ack:2672866353, win:17520, src: 139 (NBT Session) dst: 1025
9 PC98-D LILY TCP .A...., len: 0, seq:2672866353-2672866353, ack:3955174315, win: 8760, src: 1025 dst: 139 (NBT Session) PC98-D LILY IP
10 PC98-D LILY NBT SS: Session Request, Dest: LILY , Source: PC98-D <00>, Len: 68
11 LILY PC98-D NBT SS: Positive Session Response, Len: 0
12 PC98-D LILY SMB C negotiate, Dialect =
13 LILY PC98-D SMB R negotiate, Dialect # = 7
14 PC98-D LILY SMB C session setup & X, Username = , and C tree connect & X, Share = \\LILY\IPC$
15 LILY PC98-D SMB R session setup & X, and R tree connect & X, Type = IPC
16 PC98-D LILY SMB C transact2 NT Get DFS Referral
17 LILY PC98-D SMB R transact2 Open (response)
18 PC98-D LILY TCP .A...., len: 0, seq:2672866853-2672866853, ack:3955175224, win: 7851, src: 1025 dst: 139 (NBT Session)
19 PC98-D LILY NBT NS: Query req. for ACTIVE <1C>
20 LILY PC98-D NBT NS: Query (Node Status) resp. for ACTIVE <1C>, Success
NBT: NS: Query (Node Status) resp. for ACTIVE <1C>, Success
NBT: Transaction ID = 32780 (0x800C)
NBT: Flags Summary = 0x8580 - Resp.; Query; Success
NBT: 1............... = Response
NBT: .0000........... = Query
NBT: .....1.......... = Authoritative Answer
NBT: ......0......... = Datagram not truncated
NBT: .......1........ = Recursion desired
NBT: ........1....... = Recursion available
NBT: .........0...... = Reserved
NBT: ..........0..... = Reserved
NBT: ...........0.... = Not a broadcast packet
NBT: ............0000 = Success
NBT: Question Count = 0 (0x0)
NBT: Answer Count = 1 (0x1)
NBT: Name Service Count = 0 (0x0)
NBT: Additional Record Count = 0 (0x0)
NBT: Resource Record Name = ACTIVE <1C>
NBT: Resource Record Type = NetBIOS General Name Service
NBT: Resource Record Class = Internet Class
NBT: Time To Live(Milliseconds) = 0 (0x0)
NBT: RDATA Length = 30 (0x1E)
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.1
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.23
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.1
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.22
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.2.23
21 PC98-D *BRDCST Netlogon SAM LOGON request from client
22 PC98-D LILY Netlogon SAM LOGON request from client
23 PC98-D *BRDCST ARP_RARP ARP: Request, Target IP: 192.168.1.23
24 LILY PC98-D Netlogon SAM Response to SAM LOGON request
25 PC98-D LILY SMB C NT create & X, File = \lsarpc
26 LILY PC98-D SMB R NT create & X, FID = 0x4000
27 PC98-D LILY MSRPC c/o RPC Bind: UUID 1xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx call 0x2DAA assoc grp 0x0 xmit 0x1630 recv 0x1630
28 LILY PC98-D MSRPC c/o RPC Bind Ack: call 0x2DAA assoc grp 0xE2B2 xmit 0x10B8 recv 0x10B8
29 PC98-D LILY R_LSARPC RPC Client call lsarpc:LsarOpenPolicy2(..)
30 LILY PC98-D R_LSARPC RPC Server response lsarpc:LsarOpenPolicy2(..)
31 PC98-D LILY R_LSARPC RPC Client call lsarpc:LsarEnumerateTrustedDomains(..)
32 LILY PC98-D R_LSARPC RPC Server response lsarpc:LsarEnumerateTrustedDomains(..)
33 PC98-D LILY R_LSARPC RPC Client call lsarpc:LsarEnumerateTrustedDomains(..)
34 LILY PC98-D R_LSARPC RPC Server response lsarpc:LsarEnumerateTrustedDomains(..)
35 PC98-D LILY R_LSARPC RPC Client call lsarpc:LsarClose(..)
36 LILY PC98-D R_LSARPC RPC Server response lsarpc:LsarClose(..)
37 PC98-D LILY SMB C close file, FID = 0x4000
38 LILY PC98-D SMB R close file
39 PC98-D LILY SMB C NT create & X, File = \NETLOGON
40 LILY PC98-D SMB R NT create & X, FID = 0x4001
41 PC98-D LILY MSRPC c/o RPC Bind: UUID xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx call 0x4 assoc grp 0x0 xmit 0x1630 recv 0x1630
42 LILY PC98-D MSRPC c/o RPC Bind Ack: call 0x4 assoc grp 0xE2B3 xmit 0x10B8 recv 0x10B8
43 PC98-D LILY R_LOGON RPC Client call logon:NetrServerReqChallenge(..)
44 LILY PC98-D R_LOGON RPC Server response logon:NetrServerReqChallenge(..)
45 PC98-D LILY R_LOGON RPC Client call logon:NetrServerAuthenticate2(..)
46 LILY PC98-D R_LOGON RPC Server response logon:NetrServerAuthenticate2(..)