[Samba] winbind: How to map Administrator to "root" on AD member server

Fred F frederik.vogelsang at gmail.com
Sat Feb 15 02:58:56 MST 2014

2014-02-15 9:41 GMT+01:00 steve <steve at steve-ss.com>:
> The ranges overlap.
> Try 0-3499999 for MYDOMAIN
> Steve
Oh thanks, I did not notice that. I fixed it, put the problem still
remains the same:

On the DC (Samba 4.1.4):
gandalf ~ # wbinfo -n "Administrator"
S-1-5-21-1200390382-381037820-236082462-500 SID_USER (1)
gandalf ~ # wbinfo -S S-1-5-21-1200390382-381037820-236082462-500

On the domain member (Samba 4.1.4):
sam ~ # wbinfo -n "Administrator"
S-1-5-21-1200390382-381037820-236082462-500 SID_USER (1)
sam ~ # wbinfo -S S-1-5-21-1200390382-381037820-236082462-500
failed to call wbcSidToUid: WBC_ERR_DOMAIN_NOT_FOUND
Could not convert sid S-1-5-21-1200390382-381037820-236082462-500 to uid

The call of "wbinfo -S USER_SID" works for other users, but not for
the Administrator account. An ldapsearch for the Administrator account
shows that everything should be set up correctly in the AD. Some of
the account's LDAP attrs are:

uidNumber: 0
loginShell: /bin/bash
msSFU30Name: Administrator
unixUserPassword: ABCD!efgh12345$67890
uid: Administrator
unixHomeDirectory: /root
gidNumber: 0

What is going on here? Why is winbind ignoring the uidNumber "0"? As I
mentioned before the uidNumber entries of other users are working as

- Fred

More information about the samba mailing list