[Samba] Repetitive warnings in our winbindd logs NT_STATUS_NONE_MAPPED

Kamal Chikh echioukh k_chikhechioukh at hotmail.com
Mon Mar 10 16:20:19 UTC 2025 

Hello Rowland,

Thank you for your reply.

The following command :
#ldbsearch -H /var/lib/samba/private/sam.ldb '(objectSid=S-1-5-21-4033032984-1195938581-1271113577-6652)' objectClass name

Return an empty output.

Also :

#wbinfo --lookup-rids=5119,6652,5173
winbind_lookup_rids failed: WBC_ERR_DOMAIN_NOT_FOUND
Could not lookup RIDs 5119,6652,5173

Best Regards,
__________________________

kamal Chikh Echioukh

________________________________
De : samba <samba-bounces at lists.samba.org> de la part de Rowland Penny via samba <samba at lists.samba.org>
Envoyé : lundi, 10 mars 2025 16:36
À : samba at lists.samba.org <samba at lists.samba.org>
Cc : Rowland Penny <rpenny at samba.org>
Objet : Re: [Samba] Repetitive warnings in our winbindd logs NT_STATUS_NONE_MAPPED

On Mon, 10 Mar 2025 14:32:37 +0000
Kamal Chikh echioukh via samba <samba at lists.samba.org> wrote:

> Hello,
>
> OS : Rocky Linux 8.10
> Samba AD 4.20.7
>
> We have a lot of winbindd warnings which mainly concern 3 SIDs that
> winbind can't map to their uid/gid :
>
>  Failed with NT_STATUS_NONE_MAPPED.
>   Could not convert sid
> S-1-5-21-4033032984-1195938581-1271113577-5119: NT_STATUS_NONE_MAPPED
> Failed with NT_STATUS_NONE_MAPPED. Could not convert sid
> S-1-5-21-4033032984-1195938581-1271113577-6652: NT_STATUS_NONE_MAPPED
> Failed with NT_STATUS_NONE_MAPPED. wb_lookupsid_recv failed with
> NT_STATUS_NONE_MAPPED. Failed with NT_STATUS_NONE_MAPPED.
>   Could not convert sid
> S-1-5-21-4033032984-1195938581-1271113577-6652: NT_STATUS_NONE_MAPPED
> Failed with NT_STATUS_NONE_MAPPED. Could not convert sid
> S-1-5-21-4033032984-1195938581-1271113577-5173: NT_STATUS_NONE_MAPPED
> Failed with NT_STATUS_NONE_MAPPED. wb_lookupsid_recv failed with
> NT_STATUS_NONE_MAPPED. Failed with NT_STATUS_NONE_MAPPED.
>   Could not convert sid
> S-1-5-21-4033032984-1195938581-1271113577-5173: NT_STATUS_NONE_MAPPED
> Failed with NT_STATUS_NONE_MAPPED. Could not convert sid
> S-1-5-21-4033032984-1195938581-1271113577-5119: NT_STATUS_NONE_MAPPED
> Failed with NT_STATUS_NONE_MAPPED. wb_lookupsid_recv failed with
> NT_STATUS_NONE_MAPPED. Failed with NT_STATUS_NONE_MAPPED.
>   Could not convert sid
> S-1-5-21-4033032984-1195938581-1271113577-5119: NT_STATUS_NONE_MAPPED
> Failed with NT_STATUS_NONE_MAPPED. .
> .
> .
>
> wbinfo -S S-1-5-21-4033032984-1195938581-1271113577-5119
> 3000062
> wbinfo -S S-1-5-21-4033032984-1195938581-1271113577-5173
> 3000213
> wbinfo -S S-1-5-21-4033032984-1195938581-1271113577-6652
> 3000104
>
> wbinfo -s S-1-5-21-4033032984-1195938581-1271113577-5119
> failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
> Could not lookup sid S-1-5-21-4033032984-1195938581-1271113577-5119
> wbinfo -s S-1-5-21-4033032984-1195938581-1271113577-6652
> failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
> Could not lookup sid S-1-5-21-4033032984-1195938581-1271113577-6652
> wbinfo -s S-1-5-21-4033032984-1195938581-1271113577-5173
> failed to call wbcLookupSid: WBC_ERR_DOMAIN_NOT_FOUND
> Could not lookup sid S-1-5-21-4033032984-1195938581-1271113577-5173
>
> wbinfo -Y S-1-5-21-4033032984-1195938581-1271113577-5119
> 3000062
> wbinfo -Y S-1-5-21-4033032984-1195938581-1271113577-6652
> 3000104
> wbinfo -Y S-1-5-21-4033032984-1195938581-1271113577-5173
> 3000213
>
> wbinfo --uid-to-sid=3000104
> S-1-5-21-4033032984-1195938581-1271113577-6652
> [root at antares samba]$  wbinfo --uid-to-sid=3000062
> S-1-5-21-4033032984-1195938581-1271113577-5119
> [root at antares samba]$  wbinfo --uid-to-sid=3000213
> S-1-5-21-4033032984-1195938581-1271113577-5173
>
> When I try to remove uid to sid mapping in idmap, I get :
>
> wbinfo
> --remove-uid-mapping=3000062,S-1-5-21-4033032984-1195938581-1271113577-5119
> failed to call wbcRemoveUidMapping: WBC_ERR_NOT_IMPLEMENTED Could not
> remove uid to sid mapping
>
> wbinfo
> --remove-uid-mapping=3000104,S-1-5-21-4033032984-1195938581-1271113577-6652
> failed to call wbcRemoveUidMapping: WBC_ERR_NOT_IMPLEMENTED Could not
> remove uid to sid mapping
>
>  wbinfo
> --remove-uid-mapping=3000213,S-1-5-21-4033032984-1195938581-1271113577-5173
> failed to call wbcRemoveUidMapping: WBC_ERR_NOT_IMPLEMENTED Could not
> remove uid to sid mapping
>
> Same error when removing gid to sid mapping in idmap.
>
> Can you please help me to solve this problem.
>
> Running 'net cache flush' on each DC didn't help.

They may just be warnings, but what are the RIDs 5119, 6652 and 5173 ?

Try running this on a DC:

sudo ldbsearch -H /var/lib/samba/private/sam.ldb
'(objectSid=S-1-5-21-4033032984-1195938581-1271113577-5119)'
objectClass name

It should return the AD objects dn, objectclass and name.
Note: you may have to alter the path to sam.ldb if you have compiled
Samba yourself. Run the command for each SID.

Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list