[Samba] NT_STATUS_INVALID_SID error

Rowland Penny rpenny at samba.org
Mon Mar 25 13:02:50 UTC 2024


On Mon, 25 Mar 2024 13:08:13 +0100
Kai via samba <samba at lists.samba.org> wrote:


> Testparm -s of the fileserver:
> Load smb config files from /etc/samba/smb.conf
> Loaded services file OK.
> Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility
> fallback)
> 
> Server role: ROLE_DOMAIN_MEMBER
> 
> # Global parameters
> [global]
>         log file = /var/log/samba/log.%m
>         logging = file
>         map to guest = Bad User
>         max log size = 1000
>         obey pam restrictions = Yes
>         pam password change = Yes
>         panic action = /usr/share/samba/panic-action %d
>         passwd chat = *Enter\snew\s*\spassword:* %n\n 
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>         passwd program = /usr/bin/passwd %u
>         realm = JUE.BRK
>         server role = member server
>         server string = %h server (Samba, Ubuntu)
>         template homedir = /home/%U
>         template shell = /bin/bash
>         unix password sync = Yes
>         usershare allow guests = Yes
>         workgroup = JUE
>         idmap config * : range = 10000 - 20000
>         idmap config * : backend = tdb

You have only set half of the required 'idmap config' lines, try it
like this:

   idmap config * : backend = tdb
   idmap config * : range = 3000-7999
   idmap config JUE : backend = rid
   idmap config JUE : range = 10000-999999

The only other thing I can think of, is winbind running ?

Rowland



More information about the samba mailing list