[Samba] NT_STATUS_NONE_MAPPED in winbind logs

mhbeyle at gmail.com mhbeyle at gmail.com
Tue Oct 4 10:11:34 UTC 2022 

Hi, samba users ...

I have configured a samba installation (4.13) to act as a BDC in a 
windows domain. Everything works correctly: the different users login to 
the domain, access their files, permissions and roles are configured, etc.

However, when I access the /var/log/samba/ directory there is a file 
called log.wb-[DOMAIN] with thousands of lines similar to the following:

[2022/09/30 13:46:20.964639, 3] 
../../source3/winbindd/winbindd_samr.c:597(sam_name_to_sid) sam_name_to_sid
[2022/09/30 13:46:20.964646, 3] 
../../source3/winbindd/winbindd/winbindd_rpc.c:281(rpc_name_to_sid) 
name_to_sid: [DOMAIN]\NOT for domain [DOMAIN].
[2022/09/30 13:46:20.964803, 2] 
../../source3/winbindd/winbindd_rpc.c:300(rpc_name_to_sid) name_to_sid: 
failed to lookup name: NT_STATUS_NONE_MAPPED
[2022/09/30 13:46:20.965021, 3] 
../../libcli/security/dom_sid.c:215(dom_sid_parse_endp) string_to_sid: 
SID is not in a valid format
[2022/09/30 13:46:26.187044, 3] 
../../source3/winbindd/winbindd_samr.c:597(sam_name_to_sid) sam_name_to_sid
[2022/09/30 13:46:26.187050, 3] 
../../source3/winbindd/winbindd/winbindd_rpc.c:281(rpc_name_to_sid) 
name_to_sid: [DOMAIN]\ROOT for domain [DOMAIN].
[2022/09/30 13:46:26.187216, 2] 
../../source3/winbindd/winbindd_rpc.c:300(rpc_name_to_sid) name_to_sid: 
failed to lookup name: NT_STATUS_NONE_MAPPED
[2022/09/30 13:46:26.187321, 3] 
../../libcli/security/dom_sid.c:215(dom_sid_parse_endp) string_to_sid: 
SID is not in a valid format

[...]

The file weighs more than 100MB and I would like to know if there is 
someone who can guide me about these warnings, because this has never 
happened to me in a samba configuration and I would not like to transfer 
this to production with serious configuration errors.

I paste below the [Global] configuration of smb.conf:

[global]
     workgroup = [domain]
     realm = [DOMAIN].LOCAL
     netbios name = machine03-dm
     server string = machine03-dm BDC
     server role = dc
     server role check:inhibit = yes
     server services = -dns
     server signing = auto
     dsdb:schema update allowed = yes
     ldap server require strong auth = no
     drs:max object sync = 1200

     idmap_ldb:use rfc2307 = yes

     winbind enum users = yes
     winbind enum groups = yes
     template shell = /usr/bin/bash
     template homedir = /home/%U

     rpc server dynamic port range = 49152-65535

     interfaces = lo,eth0,eth1
     bind interfaces only = yes

     map to guest = Bad User

     log level = 3
     log file = /var/log/samba/samba.log
     max log size = 100000

     include = /etc/samba/shares.conf


Thank tou very much in advance.

------------------------------------------------------
MhBeyle __

More information about the samba mailing list