[Samba] string_to_sid: SID @groupname is not in a valid format

Masopust, Christian christian.masopust at siemens.com
Thu Mar 6 01:53:18 MST 2014 

Hi all,

I've installed samba (Sernet 3.6.22 on CentOS 6) on a NATed system and now I'm not able to connect or write to my shares.
The message in the log says:

[2014/03/06 09:45:38.849457,  3, pid=48264, effective(0, 0), real(0, 0)] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp)
  string_to_sid: SID @smc_cc is not in a valid format
[2014/03/06 09:45:38.850510,  3, pid=48264, effective(0, 0), real(0, 0)] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp)
  string_to_sid: SID @osijek is not in a valid format
[2014/03/06 09:45:38.852050,  3, pid=48264, effective(0, 0), real(0, 0)] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp)
  string_to_sid: SID @adv is not in a valid format

smb.conf is below.

When enabling "valid users = @smc_cc, @osijek, @adv" I'm even not able to connect. As "write list" with the same groups
is enabled, I cannot write to that share due to the above error.

What causes this error?

Winbind is running and I can resolve the group names with wbinfo....

Thanks a lot,
Christian


# cat /etc/samba/smb.conf
[global]
        workgroup = xxxx
        netbios name = xxxx
        server string = Samba @ xxxx
        security = ADS
        realm = MY.DOMAIN.NET
        client use spnego = yes
        client signing = mandatory
        server signing = mandatory
        encrypt passwords = yes
        machine password timeout = 0
        syslog = 0
        log file = /var/log/samba/log.%m
        log level = 3
        max log size = 1000
        debug pid = yes
        debug uid = yes
        name resolve order = wins lmhosts host
        deadtime = 5
        os level = 0
        preferred master = no
        local master = no
        domain master = no
        browse list = no
        dns proxy = no
        wins server = x.x.x.x
        ldap ssl = no
        utmp = yes
        hide dot files = no
        dos filetimes = yes
        dos filetime resolution = yes
        fake directory create times = yes
        load printers = no
        printing = bsd
        lm announce = no
        kernel oplocks = no
        oplocks = no
        level2 oplocks = no
        create mask = 0755
        host msdfs = no
        msdfs root = no
        browsable = no
        restrict anonymous = 2
        null passwords = no
        guest account = nobody
        winbind use default domain = yes
        winbind enum users = yes
        winbind enum groups = yes
        idmap config * : backend = tdb
        idmap config * : range = 1000000-1999999

[vobs_adv]
        comment = VOBstorage at OSIR224X
        path = /export/vobstore/advantage
        write list = @smc_cc, at osijek, at adv
        #valid users = @smc_cc, at osijek, at adv
        force  group = +osijek
        create mask = 0775
        directory mask = 0755

More information about the samba mailing list