[Samba] GID to group name mapping failure
Rowland penny
rpenny at samba.org
Tue Jun 16 10:21:23 UTC 2020
On 16/06/2020 10:52, Shyam Prasad N via samba-technical wrote:
> Hi,
>
> I've ended up in a weird situation with my Windows AD environment.
> My linux host was originally joined to the domain. For some reason,
> the domain server got reset and created a fresh domain with the same
> name and all the AD objects (including users/groups) were recreated.
How on earth did that happen ?
If it is a 'new' domain then it will have a new domain SID.
> However, winbindd is unable to map the GID to the group name.
>
> I think that SID for both user and group may have changed from the
> last time I was domain joined.
Whilst the users & groups SID may have changed, the winbind 'rid'
backend uses the 'RID' to identify the user or group. This means that
the users RID may have changed (along with the domain SID), but the RID
for Domain Users is fixed at '513'. So, it looks like this is a domain
SID problem.
I would try leaving the domain again, reboot the computer, then re-join
the domain. If this doesn't work, you may have to delete the .tdb files
from /var/lib/samba
Rowland
More information about the samba
mailing list