[Samba] force user and NT_STATUS_INVALID_SID

Thorvald Hallvardsson thorvald.hallvardsson at gmail.com
Tue Jan 27 04:10:16 MST 2015


OK I think I sorted the problem out.

I had to add "root" user to smbpasswd and it worked.

Regards,
TH

On 27 January 2015 at 09:46, Thorvald Hallvardsson <
thorvald.hallvardsson at gmail.com> wrote:

> Welcome everyone,
>
> I have to bother you and pick up your brains as I struggle to configure
> samba the way I want. It's the first time I deal with Samba4 as I'm trying
> to migrate boxes running on Centos 5 with Samba3 to Centos 7 with Samba4.
> The configuration I use works great on Samba 3 however when I use the same
> config on Samba4 I manage to authenticate as the user but once I want to
> browse to the share I'm getting rejection.
>
> Windows box says "The security ID structure is invalid". Smbclient says
> "Connection to \\localhost\share1 failed - NT_STATUS_INVALID_SID".
>
> I store my user credentials in smbpasswd file. This is my smb.conf.
>
> [global]
>         server string = My server
>         smb passwd file = /etc/samba/smbpasswd
>         passdb backend = smbpasswd
>         username map = /etc/samba/smbusers
>         log file = /var/log/samba/%m.log
>         max log size = 0
>         name resolve order = hosts
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         load printers = No
>         local master = No
>         dns proxy = No
>         idmap config * : backend = tdb
>         hosts allow = [$IPS]
>         case sensitive = No
>
> [share1]
>         path = /home/share1
>         valid users = administrator
>         force user = root
>         read only = No
>         create mask = 0704
>         force create mode = 0704
>         force directory mode = 0701
>         inherit acls = Yes
>         inherit owner = Yes
>         follow symlinks = No
>
>
> # grep administrator /etc/passwd
> administrator:x:201:201::/home/administrator:/bin/bash
>
> # grep admin /etc/samba/smbpasswd
> administrator:201:PASS:[U          ]:LCT-XXXXXXXXF:
>
> As you see samba should run as a standalone server. There is no AD, very
> simple config. I really got stuck and cannot find any help over the
> internet.
>
> I appreciate your response in advance.
>
> Regards,
> TH
>


More information about the samba mailing list