[Samba] Unable to validate owner sid.

Mead, Tom tom.mead at intesabci.co.uk
Wed May 15 05:37:02 GMT 2002

I am trying to run Samba 2.2.4 on solaris 2.8 with W2K clients. I have an NT
app installed onto the Solaris 8 server which i would like to run off of the
mapped samba network drive. When i try to start the NT app it attempts to
read a file on the samba drive called .root.passwords but fails (This file
can be accessed with notepad). The following is an extract from the samba
error log. I get the same error message with NT ACL support both enabled and

2002/05/15 13:11:52, 3] lib/util.c:(387)
  unix_clean_name [/common/config/.root.passwords]
[2002/05/15 13:11:52, 3] smbd/dosmode.c:(111)
  unix_mode(common/config/.root.passwords) returning 0644
[2002/05/15 13:11:52, 3] lib/util.c:(387)
  unix_clean_name [common/config/.root.passwords]
[2002/05/15 13:11:52, 4] smbd/open.c:(892)
  calling open_file with flags=0x0 flags2=0x0 mode=0644
[2002/05/15 13:11:52, 2] smbd/open.c:(233)
  INSTALL opened file common/config/.root.passwords read=Yes write=No
[2002/05/15 13:11:52, 3] smbd/posix_acls.c:(449)
  unpack_nt_owners: unable to validate owner sid for
[2002/05/15 13:11:52, 2] smbd/close.c:(213)
  kplus closed file common/config/.root.passwords (numopen=9)
[2002/05/15 13:11:52, 3] smbd/error.c:(91)
  error string = No such file or directory
[2002/05/15 13:11:52, 3] smbd/error.c:(110)
  error packet at smbd/nttrans.c(1375) cmd=160 (SMBnttrans)
[2002/05/15 13:11:52, 3] smbd/process.c:(866)
  Transaction 320 of length 45
[2002/05/15 13:11:52, 3] smbd/process.c:(673)
  switch message SMBclose (pid 928)
[2002/05/15 13:11:52, 4] smbd/uid.c:(118)
  change_to_user: Skipping user change - already user
[2002/05/15 13:11:52, 3] smbd/sec_ctx.c:(314)
  setting sec ctx (1000, 1000) - sec_ctx_stack_ndx = 0
[2002/05/15 13:11:52, 3] smbd/sec_ctx.c:(319)
  1 user groups:

This is a problem that i have reported previously and from what i gather it
is a known bug that is being worked on. The error message has changed
slightly since previous samba 2.2.X versions. The following log extract is
taken from the same problem with samba 2.2.3a -

> [2002/02/21 11:15:44, 3] smbd/posix_acls.c:unpack_nt_owners(443)
>   unpack_nt_owners: unable to validate owner sid.
Note the missing "for S-1-5-21-1456024563-1430335328-122644288-2355" that i
now get with 2.2.4

This application has worked fine with samba 2.0.X with WINNT clients for a
couple of years but this problem is now preventing me from upgrading not
only samba 2.0.X to 2.2.X but WINNT to 2000 and Solaris2.6 to Solaris 8. If
anyone can give me an idea of why this is happening, if there is a way
around it, and if there is likely to be a fix for it soon it would be

Just incase you need it heres my smb.conf

# Samba config file created using SWAT
# from lnserver (
# Date: 2002/05/15 13:09:03

# Global parameters
        workgroup = BCILDN
        netbios name = LNKSVR5
        netbios aliases = lnksvr5
        security = DOMAIN
        encrypt passwords = Yes
        map to guest = Bad User
        password server = LNSERVER SATURN_BDC
        username map = /usr/local/samba/private/usermap
        log level = 4
        syslog = 4
        guest account = ksmb
        create mask = 0644

        comment = kplushome
        path = /usr/kplushome
        read only = No
        guest ok = Yes
        nt acl support = No
        hide dot files = No
        fstype = Samba

        comment = homes
        path = /HOME/%u
        read only = No
        browseable = No


Tom Mead

More information about the samba mailing list