[Samba] Corrupted idmap...

Ryan Ashley ryana at reachtechfp.com
Fri Jan 13 17:46:27 UTC 2017


OK, I noticed that also, but why does everything return
NT_STATUS_INVALID_SID? Even if I run "smbclient -L \\localhost -U
adminnamehere" on the DC itself, I get the error. At this point we are
looking at erasing every workstation, wiping the DC, and starting from
scratch. It has been a week and not even rolling back to 4.4 fixed it.
What should my next steps be? I attached the server configuration file
for reference. Note that it has run this way for a year without a hitch
and nothing has been changed since day 1.

# Global parameters
[global]
        workgroup = TRUEVINE
        realm = TRUEVINE.LAN
        netbios name = DC01
        server role = active directory domain controller
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
        idmap_ldb:use rfc2307 = yes
        idmap config *:backend = tdb
        idmap config *:range = 2001-10000
        idmap config TRUEVINE:backend = ad
        idmap config TRUEVINE:schema_mode = rfc2307
        idmap config TRUEVINE:range = 10001-20000
        domain master = yes
        local master = yes
        preferred master = yes
        os level = 255

[netlogon]
        path = /var/lib/samba/sysvol/truevine.lan/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

Lead IT/IS Specialist
Reach Technology FP, Inc

On 01/12/2017 10:54 AM, Rowland Penny via samba wrote:
> On Thu, 12 Jan 2017 10:32:59 -0500
> Ryan Ashley via samba <samba at lists.samba.org> wrote:
> 
>> I forgot about ldbsearch. Here is a dump of xid numbers.
>>
>> root@dc01:~# ldbsearch -H /var/lib/samba/private/idmap.ldb | grep xidNumber
>> xidNumber: 3000028
>> xidNumber: 3000013
>> xidNumber: 3000033
>> xidNumber: 3000003
>> xidNumber: 3000032
>> xidNumber: 3000023
>> xidNumber: 3000019
>> xidNumber: 3000010
>> xidNumber: 65534
>> xidNumber: 3000031
>> xidNumber: 3000022
>> xidNumber: 3000026
>> xidNumber: 3000017
>> xidNumber: 3000027
>> xidNumber: 3000016
>> xidNumber: 3000030
>> xidNumber: 3000021
>> xidNumber: 3000004
>> xidNumber: 100
>> xidNumber: 3000008
>> xidNumber: 3000011
>> xidNumber: 0
>> xidNumber: 3000009
>> xidNumber: 3000025
>> xidNumber: 3000000
>> xidNumber: 3000001
>> xidNumber: 3000002
>> xidNumber: 3000014
>> xidNumber: 3000029
>> xidNumber: 3000020
>> xidNumber: 3000005
>> xidNumber: 3000006
>> xidNumber: 3000007
>> xidNumber: 3000018
>> xidNumber: 3000012
>> xidNumber: 3000024
>> xidNumber: 3000015
>>
>> Is an xid number supposed to go all the way down to 0?
>>
> 
> Yes, '0' is administrator (and also root)
> '100' is the users group and '65534' is the user 'nobody'
> 
> Only problem I can see, you do not have any duplicate xidNumbers, but
> that doesn't mean you don't have any SIDs with more than one xidNumber
> 
> Rowland
> 
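
The check raised in the quoted reply (duplicate xidNumbers versus one SID holding more than one xidNumber), as an added example that is not part of the original thread and is not Samba's own code. It parses the output of `ldbsearch -H /var/lib/samba/private/idmap.ldb`; the `objectSid`/`xidNumber` record layout, the name `audit_idmap` and the sample records are assumptions constructed for illustration.

```python
import re
import sys
from collections import defaultdict

# Constructed sample in the LDIF shape ldbsearch prints; SIDs are made up and
# the objectSid/xidNumber attribute layout is an assumption, not from the post.
SAMPLE = """\
dn: CN=S-1-5-32-544
objectSid: S-1-5-32-544
xidNumber: 3000000

dn: CN=S-1-5-21-1111-2222-3333-500
objectSid: S-1-5-21-1111-2222-3333-500
xidNumber: 0
xidNumber: 3000002

dn: CN=S-1-5-21-1111-2222-3333-1104
objectSid: S-1-5-21-1111-2222-3333-1104
xidNumber: 3000000

# returned 3 records
"""

def audit_idmap(ldif):
    """Return (SIDs with several xidNumbers, xidNumbers held by several SIDs)."""
    sid_to_xids, xid_to_sids = defaultdict(set), defaultdict(set)
    for record in re.split(r"\n\s*\n", ldif):
        attrs = defaultdict(list)
        for line in record.splitlines():
            name, sep, value = line.partition(": ")
            if sep and not line.startswith("#"):
                attrs[name.lower()].append(value.strip())
        sids = attrs["objectsid"] or attrs["cn"]
        if not sids or not sids[0].startswith("S-1-"):
            continue  # skip records that carry no SID
        for xid in attrs["xidnumber"]:
            sid_to_xids[sids[0]].add(int(xid))
            xid_to_sids[int(xid)].add(sids[0])
    multi = {s: sorted(x) for s, x in sid_to_xids.items() if len(x) > 1}
    shared = {x: sorted(s) for x, s in xid_to_sids.items() if len(s) > 1}
    return multi, shared

if __name__ == "__main__":
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    multi, shared = audit_idmap(text)
    print("SIDs with more than one xidNumber:", multi or "none")
    print("xidNumbers mapped to more than one SID:", shared or "none")
```

Piping the full `ldbsearch` output (not the `grep xidNumber` filtered form) into the script keeps each xidNumber attached to its SID, which is what both checks need.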


