[Samba] question about sids and ads auth
Jason Gerfen
jason.gerfen at scl.utah.edu
Wed Jun 4 15:58:52 GMT 2008
Ok so I have a problem and I am trying to figure something out in
regards to samba ads authentication, winbindd sid to uid/gid mapping and
why some domain accounts can map the samba share from linux and windows
when others cannot.
I have a few domain users that when they try to map a samba share when
the authentication takes place fine, the uid/gid seems to work, but in
the log.winbind-idmap I see the following lines:
idmap_sid_to_gid: sid = [S-1-5-21-2868754479-89028146-2101856903-513]
sid [S-1-5-21-2868754479-89028146-2101856903-513] not mapped to an
gid [2,2,2279459400]
But if I do a winbind -n USERNAME I get the following sid
S-1-5-21-2868754479-89028146-2101856903-88482
As you can see they do not match up, is the sid listed in the log a
system account like the netlogon or perhaps the trusted domain account
sid or something?
I am just going through a process of elimination to figure out why some
users work and others do not. Any help is appreciated.
--
Jas
More information about the samba
mailing list