[Samba] new user can't log
David Whitney
soonerdew at gmail.com
Fri Dec 18 13:16:31 MST 2009
Unless I've blown my memory on Windows internals, each user's SID is
comprised of the domain's SID, then a "self-refential" RID portion. That
means a user from the domain DOMINIOS should NOT have what amounts to a
"prefix" that looks as though it came from a different domain. But unless
I'm mistaken, your logs are telling you exactly that - the domain portion of
the group and user SID's indicate different domains, and that indicates a
problem.
One theory is that perhaps your domain was created, groups and users were
created, but then for some reason your domain SID changed, and perhaps that
led to your described duplicate domain entry (?) problem.
Anyway, I'd take a look at the SIDS of other users and groups and see if
this problem exists for other users or groups on your domain.
-David
More information about the samba
mailing list