[Samba] Could not convert sid: NT_STATUS_NO_SUCH_USER
L.P.H. van Belle
belle at bazuin.nl
Wed Feb 21 15:20:19 UTC 2018
Hai,
Thank you for having trust in my packages.. :-)
Now if you use my package, i suggest, do read the howto's also...
All you need for a good setup on debian stretch is there.
if anyone find/see's improvements, please tell me... Or change it on github, thats why its there.
First is this an upgraded domain? Or a new domain?
What does `getent passwd username` tell you.
Same for `id username`
I would try the following.
Run: net cache flush and try again, if that does not work then check then next..
Review your config base on this member howto.
https://github.com/thctlo/samba4/blob/master/howtos/stretch-base-3.2-samba-member-fileserver.txt
That is a 100% working setup for stretch, if you did use it, then you missed something.
.. You are missing some things in your smb.conf..
Like (optional)
idmap config NTDOM : unix_nss_info = yes
# set this one and run net cache flush again.
And
# User Administrator workaround, without it you are unable to set privileges
# !Note: When using the AD ID mapping back end, do not set the uidNumber attribute for the domain administrator account.
# If the account has the attribute set, the value overrides the local UID 0 of the root user and thus the mapping fails.
username map = /etc/samba/samba_usermapping
Ps.
I'm bit absence, sorry, lots of work todo before i am on ski holiday, next comming week.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Francesco Malvezzi via samba
> Verzonden: woensdag 21 februari 2018 15:46
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Could not convert sid: NT_STATUS_NO_SUCH_USER
>
> hi all,
>
> I can't figure out why winbind can't find ad users with wbinfo calls.
>
> It happens on a member server, Debian GNU/Linux stretch,
> samba is 4.7.5
> from Louis repository:
>
> [global]
> security = ADS
> workgroup = EXAMPLEAD
> realm = EXAMPLE.ORG
> idmap config * : backend = tdb
> idmap config * : range = 1000000-3000000
> idmap config EXAMPLEAD:backend = ad
> idmap config EXAMPLEAD:schema_mode = rfc2307
> idmap config EXAMPLEAD:range = 1005-999999
> template shell = /bin/mosh
> template homedir = /homel/%U
> max log size = 1000
> log level = 10
> panic action = /usr/share/samba/panic-action %d
> server role = member server
> [share]
> comment = Share
> path = /srv/share
> writeable = yes
> valid users = %S
> browseable = no
>
> this works:
> $ sudo net lookup name malvezzi
> S-1-5-21-3239498231-402109693-3067992304-72680 1 (User)
> EXAMPLEAD\malvezzi
>
> (kind of: does the 1 after the sid mean there is an error?)
>
> the following issues a long error, see bottom:
>
> $ wbinfo -i EXAMPLEAD\\malvezzi
> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
> Could not get info for user EXAMPLEAD\malvezzi
>
> As you can see from the level 10 debug, the directory info of
> the users
> are shown.
>
> I can't understand what "Could not convert sid:
> NT_STATUS_NO_SUCH_USER"
> actually means,
>
> thank you for the help,
>
> Francesco
>
>
> [2018/02/21 15:33:41.451157, 5, pid=21519, effective(0, 0),
> real(0, 0)]
> ../lib/util/debug.c:744(debug_dump_status)
> INFO: Current debug levels:
> all: 10
> tdb: 10
> printdrivers: 10
> lanman: 10
> smb: 10
> rpc_parse: 10
> rpc_srv: 10
> rpc_cli: 10
> passdb: 10
> sam: 10
> auth: 10
> winbind: 10
> vfs: 10
> idmap: 10
> quota: 10
> acls: 10
> locking: 10
> msdfs: 10
> dmapi: 10
> registry: 10
> scavenger: 10
> dns: 10
> ldb: 10
> tevent: 10
> auth_audit: 10
> auth_json_audit: 10
> kerberos: 10
> drs_repl: 10
> doing parameter panic action = /usr/share/samba/panic-action %d
> doing parameter server role = member server
> [2018/02/21 15:33:41.454020, 4, pid=21519, effective(0, 0),
> real(0, 0)]
> ../source3/param/loadparm.c:3902(lp_load_ex)
> pm_process() returned Yes
> [2018/02/21 15:33:41.454135, 7, pid=21519, effective(0, 0),
> real(0, 0)]
> ../source3/param/loadparm.c:4221(lp_servicenumber)
> lp_servicenumber: couldn't find homes
> [2018/02/21 15:33:41.455066, 2, pid=21519, effective(0, 0),
> real(0, 0)]
> ../source3/lib/interface.c:345(add_interface)
> added interface ens160 ip=155.185.3.12 bcast=155.185.3.255
> netmask=255.255.255.0
> [2018/02/21 15:33:41.455507, 6, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd.c:931(winbind_client_request_read)
> closing socket 28, client exited
> [2018/02/21 15:33:44.918611, 6, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind] ../source3/winbindd/winbindd.c:882(new_connection)
> accepted socket 25
> [2018/02/21 15:33:44.919060, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind] ../source3/winbindd/winbindd.c:724(process_request)
> process_request: request fn INTERFACE_VERSION
> [2018/02/21 15:33:44.919127, 3, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd_misc.c:395(winbindd_interface_version)
> [21802]: request interface version (version = 29)
> [2018/02/21 15:33:44.919204, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd.c:827(winbind_client_response_written)
> winbind_client_response_written[21802:INTERFACE_VERSION]: delivered
> response to client
> [2018/02/21 15:33:44.919493, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind] ../source3/winbindd/winbindd.c:724(process_request)
> process_request: request fn WINBINDD_PRIV_PIPE_DIR
> [2018/02/21 15:33:44.919553, 3, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd_misc.c:428(winbindd_priv_pipe_dir)
> [21802]: request location of privileged pipe
> [2018/02/21 15:33:44.919637, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd.c:827(winbind_client_response_written)
> winbind_client_response_written[21802:WINBINDD_PRIV_PIPE_DIR]:
> delivered response to client
> [2018/02/21 15:33:44.919942, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind] ../source3/winbindd/winbindd.c:697(process_request)
> process_request: Handling async request 21802:GETPWNAM
> [2018/02/21 15:33:44.920005, 3, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
> getpwnam EXAMPLEAD\malvezzi
> [2018/02/21 15:33:44.920063, 1, pid=21519, effective(0, 0),
> real(0, 0)]
> ../librpc/ndr/ndr.c:468(ndr_print_function_debug)
> wbint_LookupName: struct wbint_LookupName
> in: struct wbint_LookupName
> domain : *
> domain : 'EXAMPLEAD'
> name : *
> name : 'MALVEZZI'
> flags : 0x00000008 (8)
> [2018/02/21 15:33:44.920277, 1, pid=21519, effective(0, 0),
> real(0, 0)]
> ../librpc/ndr/ndr.c:468(ndr_print_function_debug)
> wbint_LookupName: struct wbint_LookupName
> out: struct wbint_LookupName
> type : *
> type : SID_NAME_USER (1)
> sid : *
> sid :
> S-1-5-21-3239498231-402109693-3067992304-72680
> result : NT_STATUS_OK
> [2018/02/21 15:33:44.920405, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/wb_sids2xids.c:113(wb_sids2xids_send)
> SID 0: S-1-5-21-3239498231-402109693-3067992304-72680
> [2018/02/21 15:33:44.920476, 10, pid=21519, effective(0, 0),
> real(0, 0)]
> ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
> Parsing value for key
> [IDMAP/SID2XID/S-1-5-21-3239498231-402109693-3067992304-72680]:
> value=[41312:U]
> [2018/02/21 15:33:44.920513, 10, pid=21519, effective(0, 0),
> real(0, 0)]
> ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
> Parsing value for key
> [IDMAP/SID2XID/S-1-5-21-3239498231-402109693-3067992304-72680]:
> id=[41312], endptr=[:U]
> [2018/02/21 15:33:44.920560, 10, pid=21519, effective(0, 0),
> real(0, 0)]
> ../source3/libsmb/samlogon_cache.c:242(netsamlogon_cache_get)
> netsamlogon_cache_get: SID
> [S-1-5-21-3239498231-402109693-3067992304-72680]
> [2018/02/21 15:33:44.920605, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd_util.c:1020(find_lookup_domain_from_sid)
> find_lookup_domain_from_sid: SID
> [S-1-5-21-3239498231-402109693-3067992304-72680]
> [2018/02/21 15:33:44.920650, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd_util.c:1049(find_lookup_domain_from_sid)
> calling find_our_domain
> [2018/02/21 15:33:44.920689, 1, pid=21519, effective(0, 0),
> real(0, 0)]
> ../librpc/ndr/ndr.c:468(ndr_print_function_debug)
> wbint_LookupSid: struct wbint_LookupSid
> in: struct wbint_LookupSid
> sid : *
> sid :
> S-1-5-21-3239498231-402109693-3067992304-72680
> [2018/02/21 15:33:44.920809, 1, pid=21519, effective(0, 0),
> real(0, 0)]
> ../librpc/ndr/ndr.c:468(ndr_print_function_debug)
> wbint_LookupSid: struct wbint_LookupSid
> out: struct wbint_LookupSid
> type : *
> type : SID_NAME_USER (1)
> domain : *
> domain : *
> domain : 'EXAMPLEAD'
> name : *
> name : *
> name : 'malvezzi'
> result : NT_STATUS_OK
> [2018/02/21 15:33:44.920967, 1, pid=21519, effective(0, 0),
> real(0, 0)]
> ../librpc/ndr/ndr.c:468(ndr_print_function_debug)
> wbint_GetNssInfo: struct wbint_GetNssInfo
> in: struct wbint_GetNssInfo
> info : *
> info: struct wbint_userinfo
> domain_name : *
> domain_name : 'EXAMPLEAD'
> acct_name : *
> acct_name : 'malvezzi'
> full_name : NULL
> homedir : *
> homedir : '/homel/%U'
> shell : *
> shell : '/bin/mosh'
> uid :
> 0x000000000000a160 (41312)
> primary_gid : 0x00000000ffffffff
> (4294967295)
> primary_group_name : NULL
> user_sid :
> S-1-5-21-3239498231-402109693-3067992304-72680
> group_sid :
> S-1-5-21-3239498231-402109693-3067992304-513
> [2018/02/21 15:33:44.922632, 1, pid=21519, effective(0, 0),
> real(0, 0)]
> ../librpc/ndr/ndr.c:468(ndr_print_function_debug)
> wbint_GetNssInfo: struct wbint_GetNssInfo
> out: struct wbint_GetNssInfo
> info : *
> info: struct wbint_userinfo
> domain_name : *
> domain_name : 'EXAMPLEAD'
> acct_name : *
> acct_name : 'malvezzi'
> full_name : NULL
> homedir : *
> homedir : '/homel/%U'
> shell : *
> shell : '/bin/mosh'
> uid :
> 0x000000000000a160 (41312)
> primary_gid : 0x00000000ffffffff
> (4294967295)
> primary_group_name : NULL
> user_sid :
> S-1-5-21-3239498231-402109693-3067992304-72680
> group_sid :
> S-1-5-21-3239498231-402109693-3067992304-513
> result : NT_STATUS_OK
> [2018/02/21 15:33:44.926167, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/wb_sids2xids.c:113(wb_sids2xids_send)
> SID 0: S-1-5-21-3239498231-402109693-3067992304-513
> [2018/02/21 15:33:44.926561, 10, pid=21519, effective(0, 0),
> real(0, 0)]
> ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid)
> Parsing value for key
> [IDMAP/SID2XID/S-1-5-21-3239498231-402109693-3067992304-513]:
> value=[-1:N]
> [2018/02/21 15:33:44.926970, 10, pid=21519, effective(0, 0),
> real(0, 0)]
> ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid)
> Parsing value for key
> [IDMAP/SID2XID/S-1-5-21-3239498231-402109693-3067992304-513]:
> id=[4294967295], endptr=[:N]
> [2018/02/21 15:33:44.927206, 5, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd_getpwnam.c:137(winbindd_getpwnam_recv)
> Could not convert sid
> S-1-5-21-3239498231-402109693-3067992304-72680:
> NT_STATUS_NO_SUCH_USER
> [2018/02/21 15:33:44.927554, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind] ../source3/winbindd/winbindd.c:759(wb_request_done)
> wb_request_done[21802:GETPWNAM]: NT_STATUS_NO_SUCH_USER
> [2018/02/21 15:33:44.927701, 10, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd.c:827(winbind_client_response_written)
> winbind_client_response_written[21802:GETPWNAM]: delivered
> response to
> client
> [2018/02/21 15:33:44.929762, 6, pid=21519, effective(0, 0),
> real(0, 0),
> class=winbind]
> ../source3/winbindd/winbindd.c:931(winbind_client_request_read)
> closing socket 25, client exited
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list