[Samba] SEC: UNCLASSIFIED:-Could not convert sid to gid

Matt.Jones1 at defence.gov.au Matt.Jones1 at defence.gov.au
Tue Aug 2 04:07:17 GMT 2005


I'm using a Proliant GL-380 server running Red Had Linux ES 4
(2.6.9-5.0.3.ELSMP) and Samba 3.0.10-1.4E.  The server is acting as a
Domain Member Server of an ADS Windows 2003 server.  The problem I haveI
been having is with some groups not being "migrated" to the Linux
environment, or more specifically converting the group SIDs to GIDs.  The
problem can be summarised as follows:

* Certain users do not appear in certain groups, all primary groups appear
to be unaffected (luckily).
* wbinfo -g | grep groupname reveals that all groups are returned from the
active directory server as expected.
* wbinfo -n groupname successfully returns each groups SID.
* wbinfo -Y SID reports "Could not convert sid SID to gid" for all
offending groups.  Yet this works for other groups.
* A breif check through the samba.log file reveals that the error
(mentioned above) is repeated for the same groups.
* getent groups | grep -i groupname - A query of the admnistrative group
database reveals that none of the offending groups exist.
* At some point in time these groups must have successfully managed a
SID->GID conversion because some users

I'm really struggling to find a solution to this problem without
re-creating each of the groups in question.  Futhermore, how can I avoid
any future occurance of this problem without having to test each Group
after creation.

regards,
Matt




More information about the samba mailing list