[Samba] SID security

Robert Wooden wdn2420systm at gmail.com
Mon Oct 5 14:06:37 UTC 2020 

After sending the email I realized that I did not mention that while
rebuilding the OS, I kept the "old" /srv/samba files. Which in turn kept
the old permission settings. I think (could be wrong) that keeping the old
SID are now different from the new SID's created while rebuilding to
v4.12.6.

To answer your DC question:
root at dc1:~#  wbinfo -s S-1-5-21-589789-1426474111-2143966843-500
failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
Could not lookup sid S-1-5-21-589789-1426474111-2143966843-500
root at dc1:~#  wbinfo -s S-1-5-21-589789-1426474111-2143966843-512
failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
Could not lookup sid S-1-5-21-589789-1426474111-2143966843-512
root at dc1:~#  wbinfo -s S-1-5-21-589789-1426474111-2143966843-513
failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
Could not lookup sid S-1-5-21-589789-1426474111-2143966843-513

No firewall (ufw disabled, for the moment.)

On Mon, Oct 5, 2020 at 8:59 AM Rowland penny via samba <
samba at lists.samba.org> wrote:

> On 05/10/2020 14:44, Robert Wooden via samba wrote:
> > As the result of my own actions I have had to rebuild my DC's and member
> > server Samba version. It's my fault for upgrading to v4.13.0 too soon.
> >
> > On W10, logged in as administrator, connected to the member server via
> > FileExplorer, the file permissions (via Properties tab) >> Security (tab
> >>
> > Advanced >> shows the following permissions for the \\mbr04\data folder:
> >
> > Creator Group
> > S-1-5-21-589789-1426474111-2143966843-500
> > S-1-5-21-589789-1426474111-2143966843-512
> > S-1-5-21-589789-1426474111-2143966843-513
> >
> > Any member of "Domain Users" should be able to access this folder. The
> > mbr04 server shows this:
> >
> > root at mbr04:~# wbinfo -s S-1-5-21-589789-1426474111-2143966843-500
> > failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
> > Could not lookup sid S-1-5-21-589789-1426474111-2143966843-500
>
> Do the commands work on a DC ?
>
> Is something like a firewall getting in the way ?
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list