[Samba] "force user" option with NT4 domain

Bowie Bailey Bowie_Bailey at BUC.com
Fri Oct 17 09:39:41 MDT 2014

On 10/15/2014 5:00 PM, Bowie Bailey wrote:
> I've read a fair amount about this problem online, but have yet to find
> a solution.
> I have a CentOS 7 server running Samba 4.  It is connected as a member
> to an NT4 domain.  I have migrated over the configuration from an old
> Samba 2 server that I am trying to replace.
> Everything works except for the shares that have a "force user" option.
> When it is there, I get an error on the Windows box saying "The security
> ID structure is invalid."  If I remove the option, the share works
> except that it is being accessed as the wrong user.
> Someone suggested to put the user in the "valid users" list as well as
> "force user".  This has no effect.
> The share in question looks like this:
> [public]
>      comment = Public Share
>      path = /home/shares/public/public
>      public = yes
>      force user = pcguest
>      valid users = pcguest
>      writeable = yes
>      browsable = yes
>      printable = no
> Any suggestions?

I changed the security mode from domain to user, but the problem still 
persists.  Any time I use the 'force user' option on a share, the user 
gets the "security ID structure is invalid" message.

How can I go about troubleshooting this?  I'm getting lots of stuff in 
the log files, but I'm not sure what is relevant.



More information about the samba mailing list