[Samba] Repetitive warnings in our winbindd logs NT_STATUS_NONE_MAPPED
Kamal Chikh echioukh
k_chikhechioukh at hotmail.com
Tue Mar 11 14:46:59 UTC 2025
Hello Rowland,
I finally found the source of this problem on my domain controller. It is a script that rsnycs the sysvol folder to the other domain controllers. And as I just found 2 GPOs with bad permissions (acl) that refer to users/groups that no longer exist, winbindd emitted warnings of the type "NT_STATUS_NONE_MAPPED".
I corrected the sysvol acls using backup/restore by removing all references to these users/groups that no longer exist and I no longer have these warnings that were spamming my samba log.
Thank you for your help.
Best Regards,
__________________________
kamal Chikh Echioukh
________________________________
De : samba <samba-bounces at lists.samba.org> de la part de Kamal Chikh echioukh via samba <samba at lists.samba.org>
Envoyé : mardi, 11 mars 2025 11:52
À : samba at lists.samba.org <samba at lists.samba.org>
Objet : Re: [Samba] Repetitive warnings in our winbindd logs NT_STATUS_NONE_MAPPED
Hello Rowland,
We use the Sernet Samba packages on a Rocky Linux 8 server and Samba 4 AD path is on /var/lib/samba/.
#samba-tool --version
samba-tool: missing subcommand
4.20.7-SerNet-RedHat-7.el8
#cat /etc/redhat-release
Rocky Linux release 8.10 (Green Obsidian)
Best Regards,
__________________________
kamal Chikh Echioukh
________________________________
De : samba <samba-bounces at lists.samba.org> de la part de Rowland Penny via samba <samba at lists.samba.org>
Envoyé : lundi, 10 mars 2025 17:36
À : samba at lists.samba.org <samba at lists.samba.org>
Cc : Rowland Penny <rpenny at samba.org>
Objet : Re: [Samba] Repetitive warnings in our winbindd logs NT_STATUS_NONE_MAPPED
On Mon, 10 Mar 2025 16:20:19 +0000
Kamal Chikh echioukh <k_chikhechioukh at hotmail.com> wrote:
> Hello Rowland,
>
> Thank you for your reply.
>
> The following command :
> #ldbsearch -H /var/lib/samba/private/sam.ldb
> '(objectSid=S-1-5-21-4033032984-1195938581-1271113577-6652)'
> objectClass name
>
> Return an empty output.
You are running Rocky Linux 8 and like RHEL, you cannot provision Samba
as a DC with the standard Samba packages. This leads you with two
options, you either use a third party repo (Tranquil IT for instance)
or you compile Samba yourself.
If you compile Samba yourself, then sam.ldb is likely to be in
/usr/local/samba/private/ (or something similar, it has been a long
time since I built Samba), so if you built Samba, did you try that path
?
If you didn't build Samba yourself, where did you get the Samba
packages from ?
Rowland
PS Please do not 'CC' me
>
> Also :
>
> #wbinfo --lookup-rids=5119,6652,5173
> winbind_lookup_rids failed: WBC_ERR_DOMAIN_NOT_FOUND
> Could not lookup RIDs 5119,6652,5173
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list