[Samba] The primary group domain sid(...) does not match the domain sid(.) for user(...)
rlichtenwalter at gmail.com
Wed Jul 31 15:58:11 UTC 2019
I have a domain member server running totally separate authorization
against an LDAP server independent of the domain.
Refer to the email chain "[Samba] WBC_ERR_DOMAIN_NOT_FOUND error with
RFC2307" for more details if necessary.
All user and group authentication against the AD server works correctly,
and all user and group authorization using the LDAP server works correctly
with my custom script, the brief and simple source of which is included
above. For shares that use "force user", however, users are not authorized
correctly, and I get an error such as "The primary group domain sid(...)
does not match the domain sid(.) for user(...)". This occurs even if the
connecting user is the same as the user defined by "force user" and in
cases where the connecting user would otherwise be able to access the share.
Why is this happening? How can I correct this?
More information about the samba