[Samba] Error with "samba-tool ntacl get --as-sddl"
rpenny at samba.org
Wed May 18 08:07:14 UTC 2016
On 18/05/16 00:02, Miguel Medalha wrote:
> On two Samba 4.4.2/4.4.3 member servers, "samba-tool ntacl get
> --as-sddl" gives the following error:
> ERROR: Unable to read domain SID from configuration files
> Which configuration files is it referring to?
> Without "--as-sddl" the command gives a correct output.
> It would be nice to get the permissions in sddl format...
> The same command works as expected on two AC DCs.
Hi, this is because when you use '--as-sddl', the python code does this:
domain_sid = security.dom_sid(samdb.domain_sid)
raise CommandError("Unable to read domain SID from
Or to put it in English, it tries to get the Domain SID from sam.ldb and
this doesn't exist on a member server.
More information about the samba