[Samba] The security id structure is invalid

Ron García-Vidal ron at riomargroup.com
Fri Oct 7 12:51:42 UTC 2016


On 10/6/16 1:54 PM, Ron García-Vidal via samba wrote:
> On 10/6/16 12:50 PM, lingpanda101--- via samba wrote:
>> On 10/6/2016 12:35 PM, Ron García-Vidal via samba wrote:
>>> On 10/5/16 11:37 AM, Ron García-Vidal via samba wrote:
>>>> On 10/5/16 11:17 AM, Rowland Penny via samba wrote:
>>>>> On Wed, 5 Oct 2016 10:37:51 -0400
>>>>> Ron García-Vidal via samba <samba at lists.samba.org> wrote:
>>>>> In trying to sort through this myself, I seems to be missing 
>>>>> something. Can anyone shed light on why samba-tool dbcheck gives 
>>>>> me this message?
>>>
>>> ERROR: incorrect GUID component for member in object CN=Domain 
>>> Admins,CN=Users,DC=dc1,DC=mydomain,DC=net - 
>>> <GUID=7ae0e1a8b8ca2242a02497d59084268b>;<RMD_ADDTIME=130335192420000000>;<RMD_CHANGETIME=130335196040000000>;<RMD_FLAGS=1>;<RMD_INVOCID=c60633bfc7bbc740b63f9b2c6f6ffe2a>;<RMD_LOCAL_USN=6216>;<RMD_ORIGINATING_USN=6216>;<RMD_VERSION=1>;<SID=0105000000000005150000008e2fac4e0f2df2afc89f5f9d5c040000>;CN=LDAP 
>>> User,CN=Users,DC=dc1,DC=mydomain,DC=net
>>>
>>> The GUID that it's giving doesn't show up anywhere when I ldbedit my 
>>> sam.db. I'm trying to figure out how I can manually correct the GUID 
>>> component that it's screaming about, but I can't find anything in 
>>> the sam.db that mentions GUID other than objectGUID. Any hints?

Resorting to a simple grep, I have found the entry that's causing the 
issue in the file 
/usr/local/samba/private/sam.ldb.d/DC=DC1,DC=MYDOMAIN,DC=NET.ldb

How does this file relate to the sam.db file? Is it safe to edit this 
file directly to remove the offending GUID?

-Ron



More information about the samba mailing list