[Samba] Root user shows up as "administrator"

Rowland penny rpenny at samba.org
Tue Feb 16 15:16:52 UTC 2021

On 16/02/2021 13:52, L.P.H. van Belle via samba wrote:
> Well, now look again.
> ADDOM\Administrator !=  BUILTIN\Administrator
> The rest is in the bug report.

The problem with that is, there doesn't seem to be a BUILTIN\Administrator

root at dc4:~# wbinfo -n BUILTIN\\Administrator
failed to call wbcLookupName: WBC_ERR_DOMAIN_NOT_FOUND
Could not lookup name BUILTIN\Administrator

There is BUILTIN\Administrators

root at dc4:~# wbinfo -n BUILTIN\\Administrators
S-1-5-32-544 SID_ALIAS (4)

And a Domain Administrator

root at dc4:~# wbinfo -n Administrator
S-1-5-21-1768301897-3342589593-1064908849-500 SID_USER (1)

If I use 'S-1-5-32' and Administrator RID, I still cannot find 

root at dc4:~# wbinfo -s S-1-5-32-500
failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
Could not lookup sid S-1-5-32-500

If also look in idmap.ldb , I find this:

dn: CN=S-1-5-21-1768301897-3342589593-1064908849-500
cn: S-1-5-21-1768301897-3342589593-1064908849-500
objectClass: sidMap
objectSid: S-1-5-21-1768301897-3342589593-1064908849-500
xidNumber: 0
distinguishedName: CN=S-1-5-21-1768301897-3342589593-1064908849-500

> basicly it comes to ..
>> And there are even more that think that making the Windows 'super' user
>> into a standard Unix user is a bad idea
> using BUILTIN\ fixes this in my opinion.

Yes, but where are you getting 'BUILTIN\Administrator' from ??


More information about the samba mailing list