List 3 Windows 2000のドメインコントローラがダウンしている場合にWindows 2000クライアントからログオンしたときのトレース
1 CELICA LILY DNS 0x1:Std Qry for _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.active.dsl.local. of type Srv Loc on class INET addr.
2 LILY CELICA DNS 0x1:Std Qry Resp. for _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.active.dsl.local. of type Srv Loc on class INET addr.
3 CELICA LILY LDAP ProtocolOp: SearchRequest (3)
4 CELICA LILY DNS 0x3:Std Qry for _ldap._tcp.dc._msdcs.active.dsl.local. of type Srv Loc on class INET addr.
5 LILY CELICA DNS 0x3:Std Qry Resp. for _ldap._tcp.dc._msdcs.active.dsl.local. of type Srv Loc on class INET addr.
6 CELICA LILY DNS 0x5:Std Qry for _ldap._tcp.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.domains._msdcs.active.dsl.local. of type Srv Loc on class INET addr.
7 LILY CELICA DNS 0x5:Std Qry Resp. for _ldap._tcp.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.domains._msdcs.active.dsl.local. of type Srv Loc on class INET addr.
8 CELICA LILY NBT NS: Query req. for ACTIVE <1C>
9 LILY CELICA NBT NS: Query (Node Status) resp. for ACTIVE <1C>, Success
NBT: NS: Query (Node Status) resp. for ACTIVE <1C>, Success
NBT: Transaction ID = 32774 (0x8006)
NBT: Flags Summary = 0x8580 - Resp.; Query; Success
NBT: 1............... = Response
NBT: .0000........... = Query
NBT: .....1.......... = Authoritative Answer
NBT: ......0......... = Datagram not truncated
NBT: .......1........ = Recursion desired
NBT: ........1....... = Recursion available
NBT: .........0...... = Reserved
NBT: ..........0..... = Reserved
NBT: ...........0.... = Not a broadcast packet
NBT: ............0000 = Success
NBT: Question Count = 0 (0x0)
NBT: Answer Count = 1 (0x1)
NBT: Name Service Count = 0 (0x0)
NBT: Additional Record Count = 0 (0x0)
NBT: Resource Record Name = ACTIVE <1C>
NBT: Resource Record Type = NetBIOS General Name Service
NBT: Resource Record Class = Internet Class
NBT: Time To Live(Milliseconds) = 0 (0x0)
NBT: RDATA Length = 30 (0x1E)
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.1
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.1
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.22
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.23
NBT: Resource Record Flags = 32768 (0x8000)
NBT: 1............... = Group NetBIOS Name
NBT: .00............. = B Node
NBT: ...0000000000000 = Reserved
NBT: Owner IP Address = 192.168.1.21
10 CELICA *BRDCST Netlogon SAM LOGON request from client
11 CELICA LILY Netlogon SAM LOGON request from client CELICA
12 NT40SV-2 CELICA Netlogon SAM Response to SAM LOGON request NT40SV-2
13 CELICA *BRDCST ARP_RARP ARP: Request, Target IP: 192.168.1.21
14 NT40SV-2 CELICA ARP_RARP ARP: Reply, Target IP: 192.168.1.253 Target Hdwr Addr: xxxxxxxxxxxx
15 CELICA NT40SV-2 Netlogon SAM LOGON request from client
16 NT40SV-2 CELICA Netlogon SAM Response when user is unknown NT40SV-2
17 CELICA LILY NBT NS: Query req. for NT40SV-2
18 LILY CELICA NBT NS: Query (Node Status) resp. for NT40SV-2, Success
19 CELICA NT40SV-2 TCP ....S., len: 0, seq:4159217113-4159217113, ack: 0, win:16384, src: 1036 dst: 139 (NBT Session)
20 NT40SV-2 CELICA TCP .A..S., len: 0, seq: 59860-59860, ack:4159217114, win: 8760, src: 139 (NBT Session) dst: 1036
21 CELICA NT40SV-2 TCP .A...., len: 0, seq:4159217114-4159217114, ack: 59861, win:17520, src: 1036 dst: 139 (NBT Session)
22 CELICA NT40SV-2 NBT SS: Session Request, Dest: NT40SV-2 , Source: CELICA <00>, Len: 68
23 NT40SV-2 CELICA NBT SS: Positive Session Response, Len: 0
24 CELICA NT40SV-2 SMB C negotiate, Dialect = NT LM 0.12
25 NT40SV-2 CELICA SMB R negotiate, Dialect # = 5 NT40SV-2
27 CELICA NT40SV-2 SMB C session setup & X, Username = , and C tree connect & X, Share = \\NT40SV-2\IPC$
28 NT40SV-2 CELICA SMB R session setup & X, and R tree connect & X, Type = IPC
29 CELICA NT40SV-2 SMB C NT create & X, File = \NETLOGON
30 NT40SV-2 CELICA SMB R NT create & X, FID = 0x800
31 CELICA NT40SV-2 MSRPC c/o RPC Bind: UUID xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx call 0x1 assoc grp 0x0 xmit 0x10B8 recv 0x10B8
32 NT40SV-2 CELICA SMB R write & X, Wrote 0x48
33 CELICA NT40SV-2 SMB C read & X, FID = 0x800, Read 0x400 at 0x00000000
34 NT40SV-2 CELICA MSRPC c/o RPC Bind Ack: call 0x1 assoc grp 0x95B6 xmit 0x10B8 recv 0x10B8
35 CELICA NT40SV-2 R_LOGON RPC Client call logon:NetrServerReqChallenge(..)
36 NT40SV-2 CELICA SMB R write & X, Wrote 0x62
37 CELICA NT40SV-2 SMB C read & X, FID = 0x800, Read 0x400 at 0x00000000
38 NT40SV-2 CELICA R_LOGON RPC Server response logon:NetrServerReqChallenge(..)
39 CELICA LILY DNS 0x6:Std Qry for nt40sv-2.active.dsl.local. of type Host Addr on class INET addr.
40 LILY CELICA DNS 0x6:Std Qry Resp. Auth. NS is active.dsl.local. of type SOA on class INET addr. : Name does not exist
41 CELICA NT40SV-2 R_LOGON Error: Bad Opcode (Function does not exist)
42 NT40SV-2 CELICA SMB R write & X, Wrote 0x88 NT40SV-2
43 CELICA NT40SV-2 SMB C read & X, FID = 0x800, Read 0x400 at 0x00000000
44 NT40SV-2 CELICA MSRPC c/o RPC Fault: call 0x2 context 0x0 status 0x1C010002 cancels 0x0
45 CELICA NT40SV-2 R_LOGON RPC Client call logon:NetrServerAuthenticate2(..)
46 NT40SV-2 CELICA SMB R write & X, Wrote 0x88 NT40SV-2
47 CELICA NT40SV-2 SMB C read & X, FID = 0x800, Read 0x400 at 0x00000000
48 NT40SV-2 CELICA R_LOGON RPC Server response logon:NetrServerAuthenticate2(..) NT40SV-2
49 CELICA NT40SV-2 SMB C close file, FID = 0x800
50 NT40SV-2 CELICA SMB R close file
51 CELICA NT40SV-2 TCP .A...., len: 0, seq:4159218634-4159218634, ack: 60886, win:16495, src: 1036 dst: 139 (NBT Session)