[Samba] Using rpcclient with my NetApp fails

pisymbol . pisymbol at gmail.com
Tue Feb 17 10:42:20 MST 2015


I have a Netapp 8.2.2P1 7-Mode connected to my Active Directory domain
and the following rpcclient command on CentOS 6.5 is bailing on the
following error:

could not obtain sid for domain QUEST

I've tested this with all stable version of 3.6 etc. I have not tried
the python based rpcclient command yet though.

But after a bit of debugging, it seems that the fetch_machine_sid()
function is failing to open up the LSA pipe using the domain's
administrative credentials.

I have verified that the netapp is joined to the domain, can perform
SID lookups, as well as have its own "administrators" group see RID
500 and have full access to the netapp.

If I comment out fetch_machine_sid() from rpcclient, everything works
fine (I get 'netshareenum' output from all supported levels).

Does anyone have any idea why samba and my NetApp aren't playing nice?
More specifically, does anyone know why the LSA open policy stuff
would fail on a NetApp when using domain administrator creds (RID


More information about the samba mailing list