[Samba] Error joining Linux member to 4.5.0 DC: Indicates the SID structure is not valid
Arthur Ramsey
arthur_ramsey at mediture.com
Thu Oct 20 20:47:23 UTC 2016
>> I would suggest you remove the 'password server' line, this will allow
>> Samba to find the best DC to use.
I use that because I've not see adequate load balancing otherwise (I
provide a differently ordered list to half of the members).
>> I also don't understand why you have a 10 million range for the
>> BUILTIN users and only a 39,999 range for the domain users.
No good reason. No where near any of the limits.
>> Other than that, joining with 'net ads join -U Administrator' should
>> work.
Look through my recent posts, I'm having a ton of issues with Samba.
Not sure what the root cause is, but I keep hoping one of these errors
will lead someone to answer. I've tried a lot on my own, but I can't
figure it out. The error seems the most revealing. I'm wondering about
the RID process / possible SID collision. Now I can't join a Windows
machine with my login either.
> I also forgot to say, remove the uidNumber from Administrator, add this
> line to smb.conf:
>
> username map = /etc/samba/user.map
>
> Then create '/etc/samba/user.map' with this content:
>
> !root = MEDITURE\Administrator MEDITURE\administrator
> Administrator administrator
>
> This will then ensure that Administrator gets mapped to root.
I added it as a test, I didn't have it before. I don't want the
Administrator account to even allow access on member Linux servers. I
just use it for joining in scripts.
This e-mail and any attachments may contain CONFIDENTIAL information, including PROTECTED HEALTH INFORMATION. If you are not the intended recipient, any use or disclosure of this information is STRICTLY PROHIBITED; you are requested to delete this e-mail and any attachments, notify the sender immediately, and notify the Mediture Privacy Officer at privacyofficer at mediture.com.
More information about the samba
mailing list