[Samba] Again 'Failed to find domain 'NT AUTHORITY'. Check connection to trusted domains!'

Wed Mar 21 17:50:08 UTC 2018

Mandi! Rowland Penny via samba
  In chel di` si favelave...

> > The trouble came from 'root' or groups '3000002' and '3000003'?
> No and very very probably no & no ;-)

> > How can i fix them? Thanks.
> Fix what? The owner has to be 'root', and you can find out just who
> '3000002' & '3000003' are by opening /var/lib/samba/private/idmap.ldb
> with ldbedit and searching for them.

 # record 48
 dn: CN=S-1-5-18   
 cn: S-1-5-18
 objectClass: sidMap
 objectSid: S-1-5-18
 type: ID_TYPE_BOTH
 xidNumber: 3000002
 distinguishedName: CN=S-1-5-18

 # record 6
 dn: CN=S-1-5-11   
 cn: S-1-5-11
 objectClass: sidMap
 objectSid: S-1-5-11
 type: ID_TYPE_BOTH
 xidNumber: 3000003
 distinguishedName: CN=S-1-5-11

> The 'cn' will contain the windows SID and if you look here:
> https://support.microsoft.com/en-us/help/243330/well-known-security-identifiers-in-windows-operating-systems
> You will be able to see who there are.

OK, 'Local System' and 'Authenticated Users'. Now?

I've to add an explicit map? How?

On a DC, i suppose all SID get mapped, via xidNumber... becasue these
are missing?

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)