[Samba] NT_STATUS_INVALID_SID in a SDC
kasandrapadisha at hotmail.com
Wed May 11 12:12:22 UTC 2016
Upgrading without knowing whats the problem I feel a bit like with
Windows or lots of comercial software: "The next version will solve all
your problems" and we all know that's never true.
I appreciate any help.
-------- Mensaje reenviado --------
Asunto: NT_STATUS_INVALID_SID in a SDC
Fecha: Tue, 10 May 2016 12:22:25 -0500
De: Kasandra Padisha <kasandrapadisha at hotmail.com>
Para: samba at lists.samba.org
I have a running SAMBA PDC on Debian Jessie on a PowerPC. I have
backported Samba 4.3.18 and is working well.
I have installed a SDC (if I may use that name) on a different network,
the same version of Samba but on a Debian Jessie on AMD64. I followed
every instruction in
So every test worked fine.
But now when i try to login, to view a share or to join the domain I get
NT_STATUS_INVALID_SID or " The security id structure is invalid".
Not only with the administrator but with any user.
root at parmenides2:~# smbclient -L localhost -UAdministrator
Enter Administrator's password:
session setup failed: NT_STATUS_INVALID_SID
I am really out of arguments
What I have already done:
1. The mirror is OK
#> samba-tool drs showrepl
#> samba-tool ldapcmp ldap://DC1 ldap://DC2 -Uadministrator
I have ran this from both PDCs and get SUCCESS
2. I have read all similar messages
I have found some similar cases but none with a solution. And I have
read ALL literally
3. My smb.conf
I have installed my main controller following
and it was generated automatically. I added "idmap_ldb:use" and "log level"
# Global parameters
workgroup = EXAMPLE-W10
realm = EXAMPLE.COM
netbios name = DC1
server role = active directory domain controller
dns forwarder = 192.168.10.7
idmap_ldb:use rfc2307 = yes
log level = 1
path = /var/lib/samba/sysvol/example.com/scripts
read only = No
path = /var/lib/samba/sysvol
read only = No
On DC2 changes the netbios name and dns forwarder .. but everything else
is the same.
4. ldbsearch -H /var/lib/samba/private/sam.ldb cn=Administrator
description: Built-in account for administering the computer/domain
memberOf: CN=Domain Admins,CN=Users,DC=example,DC=com
memberOf: CN=Group Policy Creator Owners,CN=Users,DC=example,DC=com
memberOf: CN=Enterprise Admins,CN=Users,DC=example,DC=com
memberOf: CN=Schema Admins,CN=Users,DC=example,DC=com
5. ldbsearch -H /var/lib/samba/private/sam.ldb DC=example | grep objectSid
I appreciate any help
More information about the samba