[Samba] wbinfo -S SID deliver -1
edv at ednt.de
edv at ednt.de
Tue Apr 25 20:31:48 UTC 2017
i have setup a samba server as a AD member. AD: 2012R2
The first day everything was working fine. After restart the Samba
Service i had no access to my shares.
getent passwd and getent group deliver the UID and GID :
4294967295:4294967295: by all AD Users
which is -1 (FFFF FFFF)
wbinfo -n user deliver S-1-5-21-4001112740-1724199908-163113746-1106
SID_USER (1) which is correct !
I get from wbinfo -S S-1-5-21-4001112740-1724199908-163113746-1106 as
result -1 !
In the Winbind log i get :
i get from the log Parsing value for key
[IDMAP/SID2XID/S-1-5-21-4001112740-1724199908-163113746-1106]: value=[-1:N]
The Samba Version is : Version 4.2.14-Debian
My smb.conf is :
[global]
netbios name = fs2
workgroup = XDNT
security = ADS
realm = XDNT.DE
encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 10 #passdp:10 auth:10 winbind:10
# Log auf Datei Zugriff
vfs object = full_audit recycle acl_xattr
full_audit:prefix = IP=%I|USER=%u|MACHINE=%m|VOLUME=%S
full_audit:success = mkdir rename unlink rmdir pwrite
full_audit:failure = none
full_audit:facility = local7
# full_audit:priority = DEBUG
full_audit:priority = notice
# Log auf Datei löschen
recycle:repository = /srv/export/samba/recycle
recycle:subdir_mode = 0770
recycle:directory_mode = 0770
recycle:keeptree = Yes
recycle:versions = Yes
recycle:touch = Yes
recycle:touch_mtime = Yes
recycle:maxsize = 0
syslog = yes
#idmap config *:backend = tdb
#idmap config *:range = 85000-86000
idmap config XDNT : backend = ad
idmap config XDNT : schema_mode = rfc2307
idmap config XDNT : range = 3000000-4000000
idmap config XDNT:unix_primary_group = yes
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind refresh tickets = yes
# winbind nss info = template
# template shell = /bin/bash
# template homedir = /home/%U
map acl inherit = Yes
store dos attributes = Yes
follow symlinks = yes
passdb backend = tdbsam
map untrusted to domain = Yes
username map = /etc/samba/user.map
Some one can help me please ?
More information about the samba
mailing list