[Samba] Users SID problem

Wes Modes wmodes at ucsc.edu
Mon May 12 19:12:04 GMT 2008 

Don't these tests make some presumptions?  For instance, Shacky didn't 
say that he was attempting to join an active directory domain.  In fact, 
he has security=User, security=ADS.

I'd like to understand the problem he is having, because I am having the 
same one.  However, I don't want to be distracted if ADS is a red herring.

Wes

Linux Addict wrote:
> Its okay not to have domain's SID. This is not the reason you are not
> able to login.
>
> What is the output of
>
> 1.wbinfo -t
> 2.wbinfo -g
> 3.testparm
> 4.net ads info
> 5.kinit <AD username>
>
>
>
>
> On Tue, May 6, 2008 at 3:41 AM, shacky <shacky83 at gmail.com> wrote:
>   
>> Hi.
>>
>> I realized that I have a problem with the users SID.
>> Thy are different between the SID of the domain.
>> Let's see the output of these commands:
>>
>> server:/home/utenti/user# net getlocalsid
>> SID for domain SERVER is: S-1-5-21-1375271547-2371556575-3111006354
>>
>> server:/home/utenti/user# pdbedit -Lv test
>> Unix username:        test
>> NT username:
>> Account Flags:        [U          ]
>> User SID:             S-1-5-21-73733321-1646160496-1160744844-3004
>> Primary Group SID:    S-1-5-21-73733321-1646160496-1160744844-513
>> Full Name:            Test
>> Home Directory:
>> HomeDir Drive:
>> Logon Script:         test.bat
>> Profile Path:
>> Domain:               MYDOMAIN
>> Account desc:
>> Workstations:
>> Munged dial:
>> Logon time:           0
>> Logoff time:          9223372036854775807 seconds since the Epoch
>> Kickoff time:         9223372036854775807 seconds since the Epoch
>> Password last set:    lun, 05 mag 2008 10:44:20 CEST
>> Password can change:  lun, 05 mag 2008 10:44:20 CEST
>> Password must change: 9223372036854775807 seconds since the Epoch
>> Last bad password   : 0
>> Bad password count  : 0
>> Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>>
>> Please note that the User SID and the Primary Group SID don't contain
>> the SID of the domain, are completely different.
>> It is the same for all user.
>> Is it normal or is it a problem?
>> I cannot logon to the domain from the Windows clients.
>> How I can solve this problem, and how I can make the change definitive
>> for all new users too?
>>
>> Thank you very much!
>> Ciao.
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/listinfo/samba
>>
>>     

-- 

Wes Modes
Server Administrator & Programmer Analyst
McHenry Library
Computing & Network Services
Information and Technology Services
459-5208

More information about the samba mailing list