[Samba] Administrators SID is invalid.

Rowland Penny rowlandpenny at googlemail.com
Sat Oct 18 04:56:33 MDT 2014

On 18/10/14 11:45, mots wrote:
> Thanks, but that didn't work, I'm still getting the same error.
> Also weird: If the account was expired, then I shouldn't have been able
> to log in at all, right?
> Kind regards,
> mots
> Am 18.10.2014 um 11:50 schrieb Rowland Penny:
>> On 18/10/14 10:20, mots wrote:
>>> Hello,
>>> I've got a samba 4.2 DC, which has worked well for about a month now. It
>>> still works for all users except "Administrator".
>>> If I login to a Windows box with the Administrator account, I can't
>>> connect to any shares and clicking on a mapped drive returns the error
>>> "The security ID structure is invalid".
>>> Opening "Active Directory Users and Computers" on the Windows box
>>> returns "The RPC server is unavailable".
>>> Using "smbclient -L localhost -UAdministrator" on the GNU/Linux server
>>> running samba I receife this error: "session setup failed:
>>> Is there a way to fix this without restoring the database from backup?
>>> Kind regards,
>>> mots
>> possibly, have you done anything to the Administrator account ?
>> Also can you post the (sanitized) result of:
>> ldbsearch -H /var/lib/samba/private/sam.ldb cn=Administrator
>> You may have to alter '/var/lib/samba/private/sam.ldb' with the path
>> to your sam.ldb
>> Rowland
That was the only obvious problem, ok lets check if the Administrator 
has the correct SID:

ldbsearch -H /var/lib/samba/private/sam.ldb DC=cluster | grep objectSid

does the result match what you posted earlier ?

objectSid: S-1-5-21-4290789724-2746532821-3856153555-500

Note: ignore the -500, this is the Administrator's RID and is always '500'


More information about the samba mailing list