well the user's sid is invalid. does it match the domain's sid with net
getdomainsid?
Brad C wrote:
Hello
I'm hoping someone can provide some insight, sample snippet from smb.conf
and the samba log.
Password authentication is working & succeeding, complains about an invalid
SID which I know is the trust relationship that is formed between server and
client, this is a duplicate ldap database from a samba domain controller.
On the topic, anyone have a good book to recommend on Samba, I feel I am
only using 10% of its capability and not really well at that... something is
staring me in the face and Im missing it.
[global]
workgroup = companyx
printing = cups
hosts allow = 192.168.1. printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
security = user
encrypt passwords = Yes
obey pam restrictions = No
log level = 2
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=manager,dc=companyx,dc=co,dc=za
ldap suffix = dc=companyx,dc=co,dc=za
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
ldap ssl = off
ldap delete dn = Yes
[testdir]
comment = test1
path = "/data/test"
browseable = yes
writable = yes
read only = no
available = yes
valid users = bradleyc
admin users = bradleyc
[2009/03/13 08:36:39, 2]
lib/access.c:check_access(406)
Allowed connection from __ffff_192.168.2.154
(::ffff:192.168.2.154)
[2009/03/13 08:36:39, 2]
lib/smbldap.c:smbldap_open_connection(796)
smbldap_open_connection: connection
opened
[2009/03/13 08:36:39, 2]
passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user:
bradleyc
[2009/03/13 08:36:39, 2]
passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group:
513
[2009/03/13 08:36:39, 2]
passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group:
513
[2009/03/13 08:36:39, 2]
passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group:
1010
[2009/03/13 08:36:39, 2]
passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group:
512
[2009/03/13 08:36:39, 2]
auth/auth.c:check_ntlm_password(308)
check_ntlm_password: authentication for user [bradleyc] -> [bradleyc] ->
[bradleyc] succeeded
[2009/03/13 08:36:39, 2]
passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group:
544
[2009/03/13 08:36:39, 2]
lib/access.c:check_access(406)
Allowed connection from ::ffff:192.168.2.154
(::ffff:192.168.2.154)
[2009/03/13 08:36:39, 2]
passdb/pdb_ldap.c:init_sam_from_ldap(571)
init_sam_from_ldap: Entry found for user:
bradleyc
[2009/03/13 08:36:39, 2]
passdb/pdb_ldap.c:init_group_from_ldap(2344)
init_group_from_ldap: Entry found for group:
513
[2009/03/13 08:36:39, 0]
passdb/passdb.c:lookup_global_sam_name(595)
User bradleyc with invalid SID
S-1-5-21-1571991244-1820204139-1100571284-3420 in
passdb
[2009/03/13 08:36:39, 2]
smbd/service.c:make_connection_snum(736)
user 'bradleyc' (from session setup) not permitted to access this share
(testdir)
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba