[Samba] Security Principals, and SID's mapping bug
L.P.H. van Belle
belle at bazuin.nl
Wed Jan 25 11:25:45 UTC 2017
Are you sure that was the only change? :-/
Tried it out, but
wbinfo --lookup-sids=S-1-5-18
wbcLookupSids failed: WBC_ERR_INVALID_SID
Could not lookup SIDs S-1-5-18
Does this possible has anything todo with AD/RID setups?
Im on a AD setup.
Selecting the users SYSTEM though search still resolve back to NTDOM\System
:-)
Well.. lunch first.
Greetz,
> > -----Oorspronkelijk bericht-----
> > Van: Rowland Penny [mailto:rpenny at samba.org]
> > Verzonden: woensdag 25 januari 2017 11:53
> > Aan: L.P.H. van Belle
> > Onderwerp: Re: [Samba] Security Principals, and SID's mapping bug
> >
> > On Tue, 24 Jan 2017 15:02:14 +0100
> > "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
> >
> >
> > >
> > > wbinfo -s S-1-5-18
> > > failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
> > > Could not lookup sid S-1-5-18
> > >
> >
> > Hi Louis, I got the same result on a Unix domain member, but after a
> > bit of thinking and testing, I now get:
> >
> > root at devstation:~# wbinfo --sid-to-name=S-1-5-18
> > NT AUTHORITY\SYSTEM 5
> >
> > How did I do this ?
> >
> > Easy, first create a system group on the Unix machine:
> >
> > root at devstation:~# addgroup --system system
> > Adding group `system' (GID 125) ...
> > Done.
> >
> > Then add a line to the user map:
> >
> > !system = SYSTEM system
> >
> > Restart Samba
> >
> > Now I don't know if this will work with your GPOs, but it is worth
> > trying (you may have to alter the Unix 'system' groups permissions)
> >
> > Rowland
More information about the samba
mailing list