[Samba] Contingency server permission error
Luis Peromarta
lperoma at icloud.com
Sat Dec 10 10:52:32 UTC 2022
Dear all,
I have a file server (domain member) running Version 4.9.5-Debian for a good few year now. 3 DCs running samba 4.17. No issues whatsoever except for these errors in logs: (192.168.0.9.log)
[2022/12/10 11:17:06.937222, 0] ../source3/auth/auth_util.c:1897(check_account)
check_account: Failed to convert SID S-1-5-21-2152908145-95474353-1514027631-6608 to a UID (dom_user[MAD\itpc01$])
System seems to just work fine.
If you try
#wbinfo --sid-to-uid S-1-5-21-2152908145-95474353-1514027631-6608
failed to call wbcSidToUid: WBC_ERR_DOMAIN_NOT_FOUND
Could not convert sid S-1-5-21-2152908145-95474353-1514027631-6608 to uid
I am not sure if this is very important or not. All is working just fine.
smb.conf is:
[global]
security = ADS
workgroup = MAD
realm = MAD.MATER.INT
netbios name = SERVER
log file = /var/log/samba/%m.log
# To enable Group Policy application in winbind,
apply group policies = yes
# Configure Samba to Work Better with Mac OS X
min protocol = SMB2
ea support = yes
vfs objects = fruit streams_xattr
fruit:aapl = yes
fruit:metadata = stream
fruit:model = RackMac
fruit:posix_rename = yes
fruit:veto_appledouble = yes
fruit:wipe_intentionally_left_blank_rfork = yes
fruit:delete_empty_adfiles = yes
# Default ID mapping configuration for local BUILTIN accounts
idmap config * : backend = tdb
idmap config * : range = 3000-7999
# idmap config for the MAD domain
idmap config MAD:backend = ad
idmap config MAD:schema_mode = rfc2307
idmap config MAD:range = 10000-999999
# winbind config:
winbind nss info = rfc2307
winbind use default domain = yes
# winbind enum users = yes
# winbind enum groups = yes
# renew the kerberos ticket
winbind refresh tickets = Yes
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
# username map = /etc/samba/user.map
# To configure shares using extended access control lists (ACL)
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
# Veto Files
veto files = /Thumbs.db/.DS_Store/._.DS_Store/.com.apple*/.AppleDB/.AppleDouble/.AppleDesktop/:2eDS_Store/Network Trash Folder/Temporary Items/TheVolumeSettingsFolder/. at __thumb/. at __desc/:2e*/$
delete veto files = yes
[personales]
path = /home/users/
read only = no
hide unreadable = yes
hide unwriteable files = yes
# browseable = no
[shares]
path = /home2/shares/
read only = no
hide unreadable = yes
hide unwriteable files = yes
Any ideas on why this errors are showing up ?
Thanks,
LP
More information about the samba
mailing list