[Samba] The security id structure is invalid
Ron García-Vidal
ron at riomargroup.com
Wed Oct 5 15:37:48 UTC 2016
On 10/5/16 11:17 AM, Rowland Penny via samba wrote:
> On Wed, 5 Oct 2016 10:37:51 -0400
> Ron García-Vidal via samba <samba at lists.samba.org> wrote:
>
>> Here is some more information that could be helpful. This is the
>> entry for LDAP User in ldbedit:
>>
>> # record 253
>> dn: CN=LDAP User,CN=Users,DC=dc1,DC=mydomain,DC=net
>> objectClass: top
>> objectClass: person
>> objectClass: organizationalPerson
>> objectClass: user
>> cn: LDAP User
>> sn: User
>> givenName: LDAP
>> instanceType: 4
>> whenCreated: 20140106220805.0Z
>> displayName: LDAP User
>> uSNCreated: 6218
>> name: LDAP User
>> objectGUID: 6ac4027a-0250-4019-a2a8-12cc03497f7f
>> badPwdCount: 0
>> codePage: 0
>> countryCode: 0
>> badPasswordTime: 0
>> lastLogoff: 0
>> lastLogon: 0
>> objectSid: S-1-5-21-1319907214-2951884047-2640289736-1117
>> accountExpires: 9223372036854775807
>> logonCount: 0
>> sAMAccountName: LDAPUser
>> sAMAccountType: 805306368
>> userPrincipalName: LDAPUser at dc1.mydomain.net
>> objectCategory:
>> CN=Person,CN=Schema,CN=Configuration,DC=dc1,DC=mydomain,DC=net
>> pwdLastSet: 130335199430000000
>> lockoutTime: 0
>> userAccountControl: 66048
>> msDS-SupportedEncryptionTypes: 0
>> primaryGroupID: 514
>> whenChanged: 20140107003451.0Z
>> uSNChanged: 6241
>> distinguishedName: CN=LDAP User,CN=Users,DC=dc1,DC=mydomain,DC=net
>>
> I don't know if this is part of your problem, but why is the
> primaryGroupID of LDAPUser 'Domain Guests' ??
> Try changing it to 513 (Domain Users)
>
I get the following error from both ldbedit and from ldapadmin:
failed to modify CN=LDAP User,CN=Users,DC=dc1,DC=mydomain,DC=net - error
in module samldb: Unwilling to perform during LDB_MODIFY
More information about the samba
mailing list