[Samba] samba 2.2.5 unable to validate sid.

Mead, Tom tom.mead at intesabci.co.uk
Wed Jun 26 03:48:02 GMT 2002 

I am still having the following problem with samba 2.2.X - i have tried all
release's up to the latest 2.2.5 and reported the problem each time i try a
new release. I am running Solaris 8 server, windows 2000 SP2 (and NT4 as
well). 
To recap on the problem - i have a NT application installed onto the Solaris
server in an area that is mapped to a network drive on the Windows 2000
workstation. When i try to start the application it tries to read a file
(.root.passwords) on the server and fails - despite the fact that i can view
the file using notepad from the same workstation with no problems.
I am not using winbindd, the SID that samba says it cannot validate in the
log (S-1-5-21-1456024563-1430335328-122644288-2355) is that of the NT domain
user logged into the Windows 2000 workstation - the actual machine sid is
(S-1-5-21-871312468-273679825-1712333365). Please see log extract and
smb.conf below.
All of this used to work perfectly with Samba 2.0.X with Solaris 2.6 and
NT4.

-------------SMB.CONF-----------------

# Samba config file created using SWAT
# from lnserver (10.33.47.4)
# Date: 2002/05/23 21:47:47

# Global parameters
[global]
        workgroup = BCILDN
        netbios name = LNKSVR5
        netbios aliases = lnksvr5
        security = DOMAIN
        encrypt passwords = Yes
        map to guest = Bad User
        password server = LNSERVER SATURN_BDC
        username map = /usr/local/samba/private/usermap
        log level = 4
        syslog = 4
        guest account = ksmb
        create mask = 0644
        force unknown acl user = Yes

[kplushome]
        comment = kplushome
        path = /usr/kplushome
        read only = No
        guest ok = Yes
        nt acl support = No
        hide dot files = No
        fstype = Samba

[homes]
        comment = homes
        path = /HOME/%u
        read only = No
        browseable = No

-------------LOG EXTRACT----------------- 

2002/05/23 22:43:22, 4] smbd/uid.c:change_to_user(119)
  change_to_user: Skipping user change - already user
[2002/05/23 22:43:22, 3] lib/util.c:unix_clean_name(387)
  unix_clean_name [/common/config/.root.passwords]
[2002/05/23 22:43:22, 3] smbd/dosmode.c:unix_mode(111)
  unix_mode(common/config/.root.passwords) returning 0644
[2002/05/23 22:43:22, 3] lib/util.c:unix_clean_name(387)
  unix_clean_name [common/config/.root.passwords]
[2002/05/23 22:43:22, 4] smbd/open.c:open_file_shared1(892)
  calling open_file with flags=0x0 flags2=0x0 mode=0644
[2002/05/23 22:43:22, 2] smbd/open.c:open_file(233)
  INSTALL opened file common/config/.root.passwords read=Yes write=No
(numopen=10)
[2002/05/23 22:43:22, 3] smbd/posix_acls.c:unpack_nt_owners(449)
  unpack_nt_owners: unable to validate owner sid for
S-1-5-21-1456024563-1430335328-122644288-2355.
[2002/05/23 22:43:22, 2] smbd/close.c:close_normal_file(213)
  install closed file common/config/.root.passwords (numopen=9)
[2002/05/23 22:43:22, 3] smbd/error.c:error_packet(91)
  error string = No such file or directory
[2002/05/23 22:43:22, 3] smbd/error.c:error_packet(110)
  error packet at smbd/nttrans.c(1375) cmd=160 (SMBnttrans)
NT_STATUS_ACCESS_DENIED
[2002/05/23 22:43:25, 3] smbd/process.c:process_smb(877)
  Transaction 305 of length 45
[2002/05/23 22:43:25, 3] smbd/process.c:switch_message(684)
  switch message SMBclose (pid 11022)
[2002/05/23 22:43:25, 4] smbd/uid.c:change_to_user(119)
  change_to_user: Skipping user change - already user

Your probably all bored of hearing about this problem - but its a real pain
is the neck for me.

Thanks

Tom

More information about the samba mailing list