[Samba] Could not convert SID S-0-0, error is NT_STATUS_NONE_MAPPED
Rowland Penny
rpenny at samba.org
Tue Aug 1 10:02:16 UTC 2023
On 01/08/2023 10:43, Carlos Jesus via samba wrote:
> Hi all!
> Both my DC's running 4.17.6 on Debian Bullseye (with bullseye-backports)
> exhibit the same error:
> [2023/08/01 07:45:01.647357, 1]
> ../../source3/winbindd/winbindd_getgroups.c:259(winbindd_getgroups_recv)
> Could not convert sid S-0-0: NT_STATUS_NONE_MAPPED
> About 1/minute
>
> My smb.conf is minimal (I removed the SHARES section)
Trouble is, other than the 'sysvol' and 'netlogon' shares, you shouldn't
be using a DC as a fileserver, it isn't recommended by Samba.
> [global]
> realm = EUROHIDRA.LOCAL
Is '.local' your real TLD ?
If it is, I suggest you turn off Bonjour and Avahi everywhere.
> workgroup = EUROHIDRA
> netbios name = EHDC1
> server role = active directory domain controller
> # interfaces = lo br0
> # bind interfaces only = Yes
> idmap_ldb:use rfc2307 = yes
> log level = 1 auth_json_audit:2@/var/log/samba/auth.log sam:2@
> /var/log/samba/sam.log
> log file = /var/log/samba/samba.log
>
> server services = -dns
> template shell = /bin/bash
> template homedir = /home/%U
> winbind use default domain = yes
I suggest you remove the 'winbind use default domain' line, it does
nothing on a DC and, though unlikely, it could have something to do with
your problem.
> # winbind enum users = yes
> # winbind enum groups = yes
>
> dns zone scavenging = yes
> #Disable Printing
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
>
> I've tried with and without winbind enum. DNS scavenging is there as a test
> but I don't think is related. Replication gives no errors and the same for
> samba-tool dbcheck. Is this just cosmetic?
Rowland
More information about the samba
mailing list