[Samba] sysvolreset doesn't reset all ACLs

[Rowland Penny]

On Fri, 25 Aug 2017 10:32:03 +0200
Sven Schwedas via samba <samba at lists.samba.org> wrote:

> > root at graz-dc-sem.ad.tao.at# wbinfo --sid-to-name=S-1-5-11
> > failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
> > Could not lookup sid S-1-5-11
> 
> So how fucked is my domain?
> 

Probably not much ;-)

It doesn't work on my DCs either, but this does:

ldbsearch -H /usr/local/samba/private/idmap.ldb
'(&(objectClass=sidMap)(objectSid=S-1-5-11))' xidNumber

Where it returns this:

# record 1
dn: CN=S-1-5-11
xidNumber: 3000008

# returned 1 records
# 1 entries
# 0 referrals

Rowland