[Samba] Added RFC2307 --> Unable to convert SID (S-1-1-0)
Jonathan Hunter
jmhunter1 at gmail.com
Fri Jun 5 04:53:05 MDT 2015
I've also realised, I have only put a few log messages in my original
message because I didn't want to send huge volumes of potentially
irrelevant traffic down the mailing list.. but I have just realised,
there may be something in there that could lead us in the right
direction, that I can't see.
So, some selected excerpts to give you a flavour:
Jun 5 11:48:48 myserver smbd[26655]: [2015/06/05 11:48:48.252345, 0]
../source4/auth/unix_token.c:107(security_token_to_unix_token)
Jun 5 11:48:48 myserver smbd[26655]: Unable to convert SID
(S-1-1-0) at index 5 in user token to a GID. Conversion was returned
as type 0, full token:
Jun 5 11:48:48 myserver smbd[26655]: [2015/06/05 11:48:48.252661, 0]
../libcli/security/security_token.c:63(security_token_debug)
Jun 5 11:48:48 myserver smbd[26655]: Security token SIDs (10):
Jun 5 11:48:48 myserver smbd[26655]: SID[ 0]:
S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1138
Jun 5 11:48:48 myserver smbd[26655]: SID[ 1]:
S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-513
Jun 5 11:48:48 myserver smbd[26655]: SID[ 2]:
S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-2613
Jun 5 11:48:48 myserver smbd[26655]: SID[ 3]:
S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-2615
Jun 5 11:48:48 myserver smbd[26655]: SID[ 4]:
S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1168
Jun 5 11:48:48 myserver smbd[26655]: SID[ 5]: S-1-1-0
Jun 5 11:48:48 myserver smbd[26655]: SID[ 6]: S-1-5-2
Jun 5 11:48:48 myserver smbd[26655]: SID[ 7]: S-1-5-11
Jun 5 11:48:48 myserver smbd[26655]: SID[ 8]: S-1-5-32-545
Jun 5 11:48:48 myserver smbd[26655]: SID[ 9]: S-1-5-32-554
Jun 5 11:48:48 myserver smbd[26655]: Privileges (0x 800000):
Jun 5 11:48:48 myserver smbd[26655]: Privilege[ 0]:
SeChangeNotifyPrivilege
Jun 5 11:48:48 myserver smbd[26655]: Rights (0x 400):
Jun 5 11:48:48 myserver smbd[26655]: Right[ 0]:
SeRemoteInteractiveLogonRight
Jun 5 11:48:48 myserver smbd[26655]: [2015/06/05 11:48:48.279396, 0]
../source4/auth/unix_token.c:107(security_token_to_unix_token)
Jun 5 11:48:48 myserver smbd[26655]: Unable to convert SID
(S-1-1-0) at index 5 in user token to a GID. Conversion was returned
as type 0, full token:
Jun 5 11:48:48 myserver rsyslogd-2177: imuxsock begins to drop
messages from pid 26655 due to rate-limiting
and:
[root at myserver samba]# net cache list | grep 1:N
Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-501
Timeout: 11:30:14 Value: -1:N (expired)
Key: IDMAP/SID2XID/S-1-5-2 Timeout: 11:52:14 Value: -1:N
Key: IDMAP/SID2XID/S-1-5-11 Timeout: 11:52:23 Value: -1:N
Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1174
Timeout: 11:52:39 Value: -1:N
Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-1601
Timeout: 11:50:44 Value: -1:N (expired)
Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-515
Timeout: 11:50:44 Value: -1:N (expired)
Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-512
Timeout: 11:52:39 Value: -1:N
Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-514
Timeout: 11:30:14 Value: -1:N (expired)
Key: IDMAP/SID2XID/S-1-5-21-xxxxxxxxx-yyyyyyyyyy-zzzzzzzzzz-572
Timeout: 11:52:39 Value: -1:N
Key: IDMAP/SID2XID/S-1-1-0 Timeout: 11:52:14 Value: -1:N
--
"If we knew what it was we were doing, it would not be called
research, would it?"
- Albert Einstein
More information about the samba
mailing list