[Samba] Why would "net rpc rights grant" fail ?

Rowland Penny rowlandpenny at googlemail.com
Mon Apr 14 09:13:46 MDT 2014


On 14/04/14 16:04, Koenraad Lelong wrote:
> op 14-04-14 16:44, Koenraad Lelong schreef:
>
>>
>> I'll forget about root in samba, but what about the root that's in
>> samba-tool user list ? Can I remove that ? That root is member of
>> "Domain Admins".
>>
>
> Studying the log of the classicupgrade I see I can remove root :
>
> Importing users
> User root has been kept in the directory, it should be removed in 
> favour of the Administrator user
> Commiting 'add users' transaction to disk
> Adding users to groups
> Commiting 'add users to groups' transaction to disk
> Setting password for administrator
> Administrator password has been set to password of user 'root'
>
> Later I see :
>
> Initialising default vfs hooks
> Initialising custom vfs hooks from [/[Default VFS]/]
> Initialising custom vfs hooks from [acl_xattr]
> Initialising custom vfs hooks from [dfs_samba4]
> connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' 
> and 'force unknown acl user = true' for service sysvol
> unix_mode(/var/lib/samba/sysvol) returning 0777
> unix_mode(/var/lib/samba/sysvol) returning 0664
> unpack_nt_owners: owner sid mapped to uid 0
> unpack_nt_owners: group sid mapped to gid 65533
> set_nt_acl: chown /var/lib/samba/sysvol. uid = 0, gid = 65533.
> Search for gidNumber=65533 gave duplicate results, failing to map to a 
> SID!

You seem to have two (or more) groups with the same gidNumber, try 
searching in AD for this gidNumber .

Rowland

> idmapping xid_to_sid failed for id[0]=65533: NT_STATUS_NONE_MAPPED
> idmapping sid_to_xid failed for id[0]=S-1-5-18: NT_STATUS_NONE_MAPPED
> idmapping sid_to_xid failed for id[0]=S-1-5-18: NT_STATUS_NONE_MAPPED
> idmapping sid_to_xid failed for id[0]=S-1-5-11: NT_STATUS_NONE_MAPPED
> idmapping sid_to_xid failed for id[0]=S-1-5-11: NT_STATUS_NONE_MAPPED
>
> This is the first time that "sid_to_xid" appears in the log.
>
> Koenraad.



More information about the samba mailing list