[Samba] workaround needed for Security Principals, and SID's mapping bug.

L.P.H. van Belle belle at bazuin.nl
Thu Dec 1 10:10:04 UTC 2016



Does anyone know if this Security Principals, and SID's mapping bug is resolved or if there is any patch. 

Rowland? Achim? Any samba dev? 


I really need it. 


Im at samba 4.4.5 

I cant find if its fixed in 4.4.7 or 4.5.1 


To check if you affected with this, follow these steps. 


1.                       Under "When running the task, use the following user account:", click "Change User or Group..." 

2.                       Click "Locations" 

3.                       Expand the [domain FQDN] and select the "Builtin" container, then click OK 

4.                       In the box labelled "Enter the object name to select:" type "system", then click OK 

5.                       You should see "NT AUTHORITY\System" in the box  


If you affected with this bug, you wil see :  DOMAIN\system  

And not NT AUTHORITY\System or buildin\system 


Due to the fact that i cant type the username, i need a solution. 

Typing the username wil result in : 

Windows (7)  event id 4098  error code  0x80041316


I need a way so step 1-5 does result in : NT AUTHORITY\System 






More information about the samba mailing list