Hi

Upgrading without knowing what's the problem I feel a bit like with
Windows or lots of commercial software: "The next version will solve
all your problems" and we all know that's never true.

I appreciate any help.

Cheers


-------- Forwarded message --------
Subject: NT_STATUS_INVALID_SID in a SDC
Date: Tue, 10 May 2016 12:22:25 -0500
From: Kasandra Padisha <kasandrapadisha at hotmail.com>
To: samba at lists.samba.org

Hi All

I have a running SAMBA PDC on Debian Jessie on a PowerPC. I have
backported Samba 4.3.18 and it is working well.

I have installed a SDC (if I may use that name) on a different network,
the same version of Samba but on a Debian Jessie on AMD64. I followed
every instruction in
https://wiki.samba.org/index.php/Join_an_additional_Samba_DC_to_an_existing_Active_Directory.

So every test worked fine.

But now when I try to login, to view a share or to join the domain I get
NT_STATUS_INVALID_SID or "The security id structure is invalid".
Not only with the administrator but with any user.

    root at parmenides2:~# smbclient -L localhost -UAdministrator
    Enter Administrator's password:
    session setup failed: NT_STATUS_INVALID_SID

I am really out of arguments

What I have already done:

1. The mirror is OK

    #> samba-tool drs showrepl

Is OK

    #> samba-tool ldapcmp ldap://DC1 ldap://DC2 -Uadministrator --filter=whenChanged

I have run this from both PDCs and get SUCCESS

2. I have read all similar messages

I have found some similar cases but none with a solution. And I have
read ALL literally

3. My smb.conf

I have installed my main controller following
https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
and it was generated automatically. I added "idmap_ldb:use" and "log
level"

    # Global parameters
    [global]
        workgroup = EXAMPLE-W10
        realm = EXAMPLE.COM
        netbios name = DC1
        server role = active directory domain controller
        dns forwarder = 192.168.10.7
        idmap_ldb:use rfc2307 = yes
        log level = 1

    [netlogon]
        path = /var/lib/samba/sysvol/example.com/scripts
        read only = No

    [sysvol]
        path = /var/lib/samba/sysvol
        read only = No

On DC2 the netbios name and dns forwarder change .. but everything else
is the same.

4. ldbsearch -H /var/lib/samba/private/sam.ldb cn=Administrator

    dn: CN=Administrator,CN=Users,DC=example,DC=com
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: user
    cn: Administrator
    description: Built-in account for administering the computer/domain
    instanceType: 4
    whenCreated: 20160505021322.0Z
    uSNCreated: 3223
    name: Administrator
    objectGUID: 8426ff4b-4bc4-43da-8de2-bc5808544933
    codePage: 0
    countryCode: 0
    pwdLastSet: 131068880020000000
    primaryGroupID: 513
    objectSid: S-1-5-21-508106755-2976483754-4106360514-500
    adminCount: 1
    sAMAccountName: Administrator
    sAMAccountType: 805306368
    objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com
    isCriticalSystemObject: TRUE
    lastLogonTimestamp: 131068882546671530
    memberOf: CN=Domain Admins,CN=Users,DC=example,DC=com
    memberOf: CN=Administrators,CN=Builtin,DC=example,DC=com
    memberOf: CN=Group Policy Creator Owners,CN=Users,DC=example,DC=com
    memberOf: CN=Enterprise Admins,CN=Users,DC=example,DC=com
    memberOf: CN=Schema Admins,CN=Users,DC=example,DC=com
    accountExpires: 0
    whenChanged: 20160510132605.0Z
    uSNChanged: 3721
    userAccountControl: 66048
    lastLogon: 131073689683266740
    distinguishedName: CN=Administrator,CN=Users,DC=example,DC=com

5. ldbsearch -H /var/lib/samba/private/sam.ldb DC=example | grep objectSid

    objectSid: S-1-5-21-508106755-2976483754-4106360514

I appreciate any help

Cheers

Kasandra

Hi

More info: The log.smbd shows the following lines when tried to
login as Administrator

----------------------------------------------------------------------------------------------------------------
[2016/05/11 08:09:36.411968, 2] ../source3/param/loadparm.c:2686(lp_do_section)
  Processing section "[netlogon]"
[2016/05/11 08:09:36.412108, 2] ../source3/param/loadparm.c:2686(lp_do_section)
  Processing section "[sysvol]"
[2016/05/11 08:09:36.412743, 2] ../source3/lib/interface.c:341(add_interface)
  added interface eth0 ip=192.168.0.18 bcast=192.168.0.255 netmask=255.255.255.0
[2016/05/11 08:09:36.418379, 2] ../lib/util/modules.c:196(do_smb_load_module)
  Module 'samba4' loaded
[2016/05/11 08:09:36.444927, 0] ../source4/auth/unix_token.c:93(security_token_to_unix_token)
  Unable to convert second SID (S-1-5-21-508106755-2976483754-4106360514-513) in user token to a GID. Conversion was returned as type 0, full token:
[2016/05/11 08:09:36.445462, 0] ../libcli/security/security_token.c:63(security_token_debug)
  Security token SIDs (13):
    SID[ 0]: S-1-5-21-508106755-2976483754-4106360514-500
    SID[ 1]: S-1-5-21-508106755-2976483754-4106360514-513
    SID[ 2]: S-1-5-21-508106755-2976483754-4106360514-512
    SID[ 3]: S-1-5-21-508106755-2976483754-4106360514-572
    SID[ 4]: S-1-5-21-508106755-2976483754-4106360514-520
    SID[ 5]: S-1-5-21-508106755-2976483754-4106360514-519
    SID[ 6]: S-1-5-21-508106755-2976483754-4106360514-518
    SID[ 7]: S-1-1-0
    SID[ 8]: S-1-5-2
    SID[ 9]: S-1-5-11
    SID[ 10]: S-1-5-32-544
    SID[ 11]: S-1-5-32-545
    SID[ 12]: S-1-5-32-554
   Privileges (0x 1FFFFF00):
    Privilege[ 0]: SeTakeOwnershipPrivilege
    Privilege[ 1]: SeBackupPrivilege
    Privilege[ 2]: SeRestorePrivilege
    Privilege[ 3]: SeRemoteShutdownPrivilege
    Privilege[ 4]: SeSecurityPrivilege
    Privilege[ 5]: SeSystemtimePrivilege
    Privilege[ 6]: SeShutdownPrivilege
    Privilege[ 7]: SeDebugPrivilege
    Privilege[ 8]: SeSystemEnvironmentPrivilege
    Privilege[ 9]: SeSystemProfilePrivilege
    Privilege[ 10]: SeProfileSingleProcessPrivilege
    Privilege[ 11]: SeIncreaseBasePriorityPrivilege
    Privilege[ 12]: SeLoadDriverPrivilege
    Privilege[ 13]: SeCreatePagefilePrivilege
    Privilege[ 14]: SeIncreaseQuotaPrivilege
    Privilege[ 15]: SeChangeNotifyPrivilege
    Privilege[ 16]: SeUndockPrivilege
    Privilege[ 17]: SeManageVolumePrivilege
    Privilege[ 18]: SeImpersonatePrivilege
    Privilege[ 19]: SeCreateGlobalPrivilege
    Privilege[ 20]: SeEnableDelegationPrivilege
   Rights (0x 403):
    Right[ 0]: SeInteractiveLogonRight
    Right[ 1]: SeNetworkLogonRight
    Right[ 2]: SeRemoteInteractiveLogonRight
[2016/05/11 08:09:36.450569, 1] ../source3/smbd/sesssetup.c:281(reply_sesssetup_and_X_spnego)
  Failed to generate session_info (user and group token) for session setup: NT_STATUS_INVALID_SID
----------------------------------------------------------------------------------------------------------------

Or when tried to login as a common user

----------------------------------------------------------------------------------------------------------------
[2016/05/11 08:15:44.784439, 2] ../source3/param/loadparm.c:2686(lp_do_section)
  Processing section "[netlogon]"
[2016/05/11 08:15:44.784710, 2] ../source3/param/loadparm.c:2686(lp_do_section)
  Processing section "[sysvol]"
[2016/05/11 08:15:44.785399, 2] ../source3/lib/interface.c:341(add_interface)
  added interface eth0 ip=192.168.0.18 bcast=192.168.0.255 netmask=255.255.255.0
[2016/05/11 08:15:44.790623, 2] ../lib/util/modules.c:196(do_smb_load_module)
  Module 'samba4' loaded
[2016/05/11 08:15:44.812343, 0] ../source4/auth/unix_token.c:79(security_token_to_unix_token)
  Unable to convert first SID (S-1-5-21-508106755-2976483754-4106360514-1188) in user token to a UID. Conversion was returned as type 0, full token:
[2016/05/11 08:15:44.812690, 0] ../libcli/security/security_token.c:63(security_token_debug)
  Security token SIDs (7):
    SID[ 0]: S-1-5-21-508106755-2976483754-4106360514-1188
    SID[ 1]: S-1-5-21-508106755-2976483754-4106360514-513
    SID[ 2]: S-1-1-0
    SID[ 3]: S-1-5-2
    SID[ 4]: S-1-5-11
    SID[ 5]: S-1-5-32-545
    SID[ 6]: S-1-5-32-554
   Privileges (0x 800000):
    Privilege[ 0]: SeChangeNotifyPrivilege
   Rights (0x 400):
    Right[ 0]: SeRemoteInteractiveLogonRight
[2016/05/11 08:15:44.814382, 1] ../source3/smbd/sesssetup.c:281(reply_sesssetup_and_X_spnego)
  Failed to generate session_info (user and group token) for session setup: NT_STATUS_INVALID_SID
[2016/05/11 08:16:53.830440, 2] ../source3/smbd/server.c:467(remove_child_pid)
  Could not find child 20805 -- ignoring
----------------------------------------------------------------------------------------------------------------

Something similar was solved on 4.2
https://bugzilla.samba.org/show_bug.cgi?id=10720

Cheers

Kasandra

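Added example, not part of the original messages and not Samba code: a small Python triage of the log.smbd entries quoted above. It pulls out each SID that smbd failed to map to a Unix ID and checks it against the domain SID printed in step 5 of the first message. The sample log is constructed from the quoted lines, and the function name `find_idmap_failures` is hypothetical.

```python
import re

# Constructed sample: log.smbd entries in the shape quoted in the message above.
SAMPLE_LOG = """\
[2016/05/11 08:09:36.444927, 0] ../source4/auth/unix_token.c:93(security_token_to_unix_token)
  Unable to convert second SID (S-1-5-21-508106755-2976483754-4106360514-513) in user token to a GID. Conversion was returned as type 0, full token:
[2016/05/11 08:09:36.450569, 1] ../source3/smbd/sesssetup.c:281(reply_sesssetup_and_X_spnego)
  Failed to generate session_info (user and group token) for session setup: NT_STATUS_INVALID_SID
[2016/05/11 08:15:44.812343, 0] ../source4/auth/unix_token.c:79(security_token_to_unix_token)
  Unable to convert first SID (S-1-5-21-508106755-2976483754-4106360514-1188) in user token to a UID. Conversion was returned as type 0, full token:
"""

# Domain SID as printed by the ldbsearch in step 5 of the first message.
DOMAIN_SID = "S-1-5-21-508106755-2976483754-4106360514"

# Samba's id_type enum values, in declaration order.
ID_TYPES = {0: "ID_TYPE_NOT_SPECIFIED", 1: "ID_TYPE_UID",
            2: "ID_TYPE_GID", 3: "ID_TYPE_BOTH"}

# Header, source location, then the conversion failure message. Whitespace is
# collapsed before matching, so mail-wrapped copies of the log also match.
ENTRY = re.compile(
    r"\[(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+), ?\d+\] \S+ "
    r"Unable to convert (first|second) SID \((S-1(?:-\d+)+)\) "
    r"in user token to a (UID|GID)\. Conversion was returned as type (\d+)"
)

def find_idmap_failures(log_text, domain_sid):
    """Return one dict per SID that could not be converted to a UID/GID."""
    flat = " ".join(log_text.split())
    failures = []
    for stamp, position, sid, wanted, returned in ENTRY.findall(flat):
        base, _, rid = sid.rpartition("-")
        failures.append({
            "time": stamp,
            # SID[0] of the token is the user, SID[1] the primary group.
            "slot": "user" if position == "first" else "primary group",
            "sid": sid,
            "rid": int(rid),
            "wanted": wanted,
            "returned": ID_TYPES.get(int(returned), "unknown"),
            "in_domain": base == domain_sid,
        })
    return failures

if __name__ == "__main__":
    for f in find_idmap_failures(SAMPLE_LOG, DOMAIN_SID):
        origin = "domain SID" if f["in_domain"] else "foreign SID"
        print(f'{f["time"]}  {f["slot"]:<13} RID {f["rid"]:<5} ({origin}): '
              f'wanted {f["wanted"]}, got {f["returned"]}')
```

Both failing SIDs are well-formed and carry the domain's own SID prefix; what the log reports is that the lookup from SID to Unix ID came back with no type for them.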
Never mind ... I just demoted the SDC .. removed samba. Reinstalled,
rejoined the domain, and now it is working .. :-(

I felt again as with Windows .. .. Just reinstall ..

Thanks to all