[Samba] "Failed to convert SID" Errors for Some Users on UNRAID with Windows AD Domain.

Geoff Bland geoffblanduk at yahoo.co.uk
Sun Jul 24 18:42:20 UTC 2022


I have an UNRAID server, UNRAID allows shares with Samba via Windows AD access rights.

I have recently upgraded to the latest UNRAID server version, 6.10.2 and now several of my Windows users cannot connect to any shares on UNRAID - most can however.

I am not the only UNRAID user affected - the same issue has been reported several times on the UNRAID forum with users upgrading to the same version. Unfortunately none of us are Samba experts.

We have had no solution to this yet but it was suggested that we should try asking on the Samba forums to see if anyone there has any idea.
For my setup (other UNRAID users have different setups but the same issues) I have 2 Windows Server 2022 boxes running as domain controllers. Both also run DNS and DHCP. Both have static IP addresses. The UNRAID box has the 2 Windows Server for DNS and is "joined" to this domain.
The syslog is continually spitting out this error “Jul 15 21:58:49 UNRAID01 smbd[****]:   check_account: Failed to convert SID S-1-5-21-XXXXXXXX-XXXXXXXX-XXXXXXXX-1105 to a UID (dom_user[DOMAIN\username)” for all users with the issue.

I can do a "wbinfo -n" and that works OK but a "wbinfo -i" fails with WBC_ERR_DOMAIN_NOT_FOUND.

root at UNRAID01:~# wbinfo -n "DOMAIN\\user"

S-1-5-21- XXXXXXXX-XXXXXXXX-XXXXXXXX-1105 SID_USER (1)

root at UNRAID01:~# wbinfo -i " DOMAIN\\username"

failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND

Could not get info for user DOMAIN\username

As far as I can tell the Samba service is connected to the AD domain and the idmap mappings are set correctly, I think these are the relevant samba.conf settings and they all look correct to me(?):
ntlm auth = Yesworkgroup = SHORTDOMAINNAMErealm = FQDOMAINNAMEidmap config * : backend = hashidmap config * : range = 10000-4000000000winbind use default domain = Yesldap ssl = Nont acl support = Yesacl map full control = Yesacl group control = Yesinherit acls = Yesinherit permissions = Yesmap acl inherit = Yesdos filemode = Yesstore dos attributes = Yes

Samba in use is 4.15.7 
root at UNRAID01:~# smbd -VVersion 4.15.7 
Why are we getting this “Failed to convert SID” error for some of our users? What should I investigate next?


More information about the samba mailing list