samba - May 2016 - NT_STATUS_INVALID_SID in a SDC

Hi

Upgrading without  knowing whats the problem  I feel a bit like with 
Windows or lots of comercial software: "The next version will solve all 
your problems" and we all know that's never true.

I appreciate any help.

Cheers


-------- Mensaje reenviado --------
Asunto: 	NT_STATUS_INVALID_SID in a SDC
Fecha: 	Tue, 10 May 2016 12:22:25 -0500
De: 	Kasandra Padisha <kasandrapadisha at hotmail.com>
Para: 	samba at lists.samba.org



Hi All

I have a running SAMBA PDC on Debian Jessie on a PowerPC. I have
backported Samba 4.3.18 and is working well.

I have installed a SDC (if I may use that name) on a different network,
the same version of Samba but on a Debian Jessie on AMD64. I followed
every instruction in
https://wiki.samba.org/index.php/Join_an_additional_Samba_DC_to_an_existing_Active_Directory.
So every test worked fine.

But now when i try to login, to view a share or to join the domain I get
NT_STATUS_INVALID_SID or " The security id structure is invalid".
Not only with the administrator but with any user.

    root at parmenides2:~# smbclient -L localhost -UAdministrator
    Enter Administrator's password:
    session setup failed: NT_STATUS_INVALID_SID

I am really out of arguments


What I have already done:

1. The mirror is OK

#> samba-tool drs showrepl

Is OK

#> samba-tool ldapcmp ldap://DC1 ldap://DC2 -Uadministrator
--filter=whenChanged

I have ran this from both PDCs and get SUCCESS


2. I have read all similar messages

I have found some similar cases but none with a solution. And I have
read ALL literally


3. My smb.conf

I have installed my main controller following
https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
and it was generated automatically. I added "idmap_ldb:use" and
"log level"


# Global parameters
[global]
         workgroup = EXAMPLE-W10
         realm = EXAMPLE.COM
         netbios name = DC1
         server role = active directory domain controller
         dns forwarder = 192.168.10.7
         idmap_ldb:use rfc2307 = yes
         log level = 1

[netlogon]
         path = /var/lib/samba/sysvol/example.com/scripts
         read only = No

[sysvol]
         path = /var/lib/samba/sysvol
         read only = No


On DC2 changes the netbios name and dns forwarder .. but everything else
is the same.



4.  ldbsearch -H /var/lib/samba/private/sam.ldb cn=Administrator

dn: CN=Administrator,CN=Users,DC=example,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Administrator
description: Built-in account for administering the computer/domain
instanceType: 4
whenCreated: 20160505021322.0Z
uSNCreated: 3223
name: Administrator
objectGUID: 8426ff4b-4bc4-43da-8de2-bc5808544933
codePage: 0
countryCode: 0
pwdLastSet: 131068880020000000
primaryGroupID: 513
objectSid: S-1-5-21-508106755-2976483754-4106360514-500
adminCount: 1
sAMAccountName: Administrator
sAMAccountType: 805306368
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com
isCriticalSystemObject: TRUE
lastLogonTimestamp: 131068882546671530
memberOf: CN=Domain Admins,CN=Users,DC=example,DC=com
memberOf: CN=Administrators,CN=Builtin,DC=example,DC=com
memberOf: CN=Group Policy Creator Owners,CN=Users,DC=example,DC=com
memberOf: CN=Enterprise Admins,CN=Users,DC=example,DC=com
memberOf: CN=Schema Admins,CN=Users,DC=example,DC=com
accountExpires: 0
whenChanged: 20160510132605.0Z
uSNChanged: 3721
userAccountControl: 66048
lastLogon: 131073689683266740
distinguishedName: CN=Administrator,CN=Users,DC=example,DC=com


5. ldbsearch -H /var/lib/samba/private/sam.ldb DC=example | grep objectSid

objectSid: S-1-5-21-508106755-2976483754-4106360514


I appreciate any help

Cheers

Kasandra

Hi

More info:  The log.smbd shows the following lines when tryied to login 
as Administrator

----------------------------------------------------------------------------------------------------------------
[2016/05/11 08:09:36.411968,  2] 
../source3/param/loadparm.c:2686(lp_do_section)
   Processing section "[netlogon]"
[2016/05/11 08:09:36.412108,  2] 
../source3/param/loadparm.c:2686(lp_do_section)
   Processing section "[sysvol]"
[2016/05/11 08:09:36.412743,  2] 
../source3/lib/interface.c:341(add_interface)
   added interface eth0 ip=192.168.0.18 bcast=192.168.0.255 
netmask=255.255.255.0
[2016/05/11 08:09:36.418379,  2] 
../lib/util/modules.c:196(do_smb_load_module)
   Module 'samba4' loaded
[2016/05/11 08:09:36.444927,  0] 
../source4/auth/unix_token.c:93(security_token_to_unix_token)
   Unable to convert second SID 
(S-1-5-21-508106755-2976483754-4106360514-513) in user token to a GID.  
Conversion was returned as type 0, full token:
[2016/05/11 08:09:36.445462,  0] 
../libcli/security/security_token.c:63(security_token_debug)
   Security token SIDs (13):
     SID[  0]: S-1-5-21-508106755-2976483754-4106360514-500
     SID[  1]: S-1-5-21-508106755-2976483754-4106360514-513
     SID[  2]: S-1-5-21-508106755-2976483754-4106360514-512
     SID[  3]: S-1-5-21-508106755-2976483754-4106360514-572
     SID[  4]: S-1-5-21-508106755-2976483754-4106360514-520
     SID[  5]: S-1-5-21-508106755-2976483754-4106360514-519
     SID[  6]: S-1-5-21-508106755-2976483754-4106360514-518
     SID[  7]: S-1-1-0
     SID[  8]: S-1-5-2
     SID[  9]: S-1-5-11
     SID[ 10]: S-1-5-32-544
     SID[ 11]: S-1-5-32-545
     SID[ 12]: S-1-5-32-554
    Privileges (0x        1FFFFF00):
     Privilege[  0]: SeTakeOwnershipPrivilege
     Privilege[  1]: SeBackupPrivilege
     Privilege[  2]: SeRestorePrivilege
     Privilege[  3]: SeRemoteShutdownPrivilege
     Privilege[  4]: SeSecurityPrivilege
     Privilege[  5]: SeSystemtimePrivilege
     Privilege[  6]: SeShutdownPrivilege
     Privilege[  7]: SeDebugPrivilege
     Privilege[  8]: SeSystemEnvironmentPrivilege
     Privilege[  9]: SeSystemProfilePrivilege
     Privilege[ 10]: SeProfileSingleProcessPrivilege
     Privilege[ 11]: SeIncreaseBasePriorityPrivilege
     Privilege[ 12]: SeLoadDriverPrivilege
     Privilege[ 13]: SeCreatePagefilePrivilege
     Privilege[ 14]: SeIncreaseQuotaPrivilege
     Privilege[ 15]: SeChangeNotifyPrivilege
     Privilege[ 16]: SeUndockPrivilege
     Privilege[ 17]: SeManageVolumePrivilege
     Privilege[ 18]: SeImpersonatePrivilege
     Privilege[ 19]: SeCreateGlobalPrivilege
     Privilege[ 20]: SeEnableDelegationPrivilege
    Rights (0x             403):
     Right[  0]: SeInteractiveLogonRight
     Right[  1]: SeNetworkLogonRight
     Right[  2]: SeRemoteInteractiveLogonRight
[2016/05/11 08:09:36.450569,  1] 
../source3/smbd/sesssetup.c:281(reply_sesssetup_and_X_spnego)
   Failed to generate session_info (user and group token) for session 
setup: NT_STATUS_INVALID_SID

----------------------------------------------------------------------------------------------------------------

Or when tryied to login as a common user
----------------------------------------------------------------------------------------------------------------
[2016/05/11 08:15:44.784439,  2] 
../source3/param/loadparm.c:2686(lp_do_section)
   Processing section "[netlogon]"
[2016/05/11 08:15:44.784710,  2] 
../source3/param/loadparm.c:2686(lp_do_section)
   Processing section "[sysvol]"
[2016/05/11 08:15:44.785399,  2] 
../source3/lib/interface.c:341(add_interface)
   added interface eth0 ip=192.168.0.18 bcast=192.168.0.255 
netmask=255.255.255.0
[2016/05/11 08:15:44.790623,  2] 
../lib/util/modules.c:196(do_smb_load_module)
   Module 'samba4' loaded
[2016/05/11 08:15:44.812343,  0] 
../source4/auth/unix_token.c:79(security_token_to_unix_token)
   Unable to convert first SID 
(S-1-5-21-508106755-2976483754-4106360514-1188) in user token to a UID.  
Conversion was returned as type 0, full token:
[2016/05/11 08:15:44.812690,  0] 
../libcli/security/security_token.c:63(security_token_debug)
   Security token SIDs (7):
     SID[  0]: S-1-5-21-508106755-2976483754-4106360514-1188
     SID[  1]: S-1-5-21-508106755-2976483754-4106360514-513
     SID[  2]: S-1-1-0
     SID[  3]: S-1-5-2
     SID[  4]: S-1-5-11
     SID[  5]: S-1-5-32-545
     SID[  6]: S-1-5-32-554
    Privileges (0x          800000):
     Privilege[  0]: SeChangeNotifyPrivilege
    Rights (0x             400):
     Right[  0]: SeRemoteInteractiveLogonRight
[2016/05/11 08:15:44.814382,  1] 
../source3/smbd/sesssetup.c:281(reply_sesssetup_and_X_spnego)
   Failed to generate session_info (user and group token) for session 
setup: NT_STATUS_INVALID_SID
[2016/05/11 08:16:53.830440,  2] 
../source3/smbd/server.c:467(remove_child_pid)
   Could not find child 20805 -- ignoring

----------------------------------------------------------------------------------------------------------------

Something similar was solved on 4.2 
https://bugzilla.samba.org/show_bug.cgi?id=10720


Cheers

Kasandra


El 11/05/16 a las 07:12, Kasandra Padisha escribió:
>
> Hi
>
> Upgrading without  knowing whats the problem  I feel a bit like with 
> Windows or lots of comercial software: "The next version will solve 
> all your problems" and we all know that's never true.
>
> I appreciate any help.
>
> Cheers
>
>
> -------- Mensaje reenviado --------
> Asunto:     NT_STATUS_INVALID_SID in a SDC
> Fecha:     Tue, 10 May 2016 12:22:25 -0500
> De:     Kasandra Padisha <kasandrapadisha at hotmail.com>
> Para:     samba at lists.samba.org
>
>
>
> Hi All
>
> I have a running SAMBA PDC on Debian Jessie on a PowerPC. I have
> backported Samba 4.3.18 and is working well.
>
> I have installed a SDC (if I may use that name) on a different network,
> the same version of Samba but on a Debian Jessie on AMD64. I followed
> every instruction in
>
https://wiki.samba.org/index.php/Join_an_additional_Samba_DC_to_an_existing_Active_Directory.
>
> So every test worked fine.
>
> But now when i try to login, to view a share or to join the domain I get
> NT_STATUS_INVALID_SID or " The security id structure is invalid".
> Not only with the administrator but with any user.
>
>    root at parmenides2:~# smbclient -L localhost -UAdministrator
>    Enter Administrator's password:
>    session setup failed: NT_STATUS_INVALID_SID
>
> I am really out of arguments
>
>
> What I have already done:
>
> 1. The mirror is OK
>
> #> samba-tool drs showrepl
>
> Is OK
>
> #> samba-tool ldapcmp ldap://DC1 ldap://DC2 -Uadministrator
> --filter=whenChanged
>
> I have ran this from both PDCs and get SUCCESS
>
>
> 2. I have read all similar messages
>
> I have found some similar cases but none with a solution. And I have
> read ALL literally
>
>
> 3. My smb.conf
>
> I have installed my main controller following
>
https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
>
> and it was generated automatically. I added "idmap_ldb:use" and
"log
> level"
>
>
> # Global parameters
> [global]
>         workgroup = EXAMPLE-W10
>         realm = EXAMPLE.COM
>         netbios name = DC1
>         server role = active directory domain controller
>         dns forwarder = 192.168.10.7
>         idmap_ldb:use rfc2307 = yes
>         log level = 1
>
> [netlogon]
>         path = /var/lib/samba/sysvol/example.com/scripts
>         read only = No
>
> [sysvol]
>         path = /var/lib/samba/sysvol
>         read only = No
>
>
> On DC2 changes the netbios name and dns forwarder .. but everything else
> is the same.
>
>
>
> 4.  ldbsearch -H /var/lib/samba/private/sam.ldb cn=Administrator
>
> dn: CN=Administrator,CN=Users,DC=example,DC=com
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> cn: Administrator
> description: Built-in account for administering the computer/domain
> instanceType: 4
> whenCreated: 20160505021322.0Z
> uSNCreated: 3223
> name: Administrator
> objectGUID: 8426ff4b-4bc4-43da-8de2-bc5808544933
> codePage: 0
> countryCode: 0
> pwdLastSet: 131068880020000000
> primaryGroupID: 513
> objectSid: S-1-5-21-508106755-2976483754-4106360514-500
> adminCount: 1
> sAMAccountName: Administrator
> sAMAccountType: 805306368
> objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com
> isCriticalSystemObject: TRUE
> lastLogonTimestamp: 131068882546671530
> memberOf: CN=Domain Admins,CN=Users,DC=example,DC=com
> memberOf: CN=Administrators,CN=Builtin,DC=example,DC=com
> memberOf: CN=Group Policy Creator Owners,CN=Users,DC=example,DC=com
> memberOf: CN=Enterprise Admins,CN=Users,DC=example,DC=com
> memberOf: CN=Schema Admins,CN=Users,DC=example,DC=com
> accountExpires: 0
> whenChanged: 20160510132605.0Z
> uSNChanged: 3721
> userAccountControl: 66048
> lastLogon: 131073689683266740
> distinguishedName: CN=Administrator,CN=Users,DC=example,DC=com
>
>
> 5. ldbsearch -H /var/lib/samba/private/sam.ldb DC=example | grep 
> objectSid
>
> objectSid: S-1-5-21-508106755-2976483754-4106360514
>
>
> I appreciate any help
>
> Cheers
>
> Kasandra
>
>
>

Nevermind ... I just demote the SDC .. remove samba. Reinstalled, 
rejoined the domain, and now is working ..

:-(    I felt again as with windows  .. .. Just reinstall ..

Thanks to all


El 11/05/16 a las 09:03, Kasandra Padisha escribió:
>
> Hi
>
> More info:  The log.smbd shows the following lines when tryied to 
> login as Administrator
>
>
----------------------------------------------------------------------------------------------------------------
>
> [2016/05/11 08:09:36.411968,  2] 
> ../source3/param/loadparm.c:2686(lp_do_section)
>   Processing section "[netlogon]"
> [2016/05/11 08:09:36.412108,  2] 
> ../source3/param/loadparm.c:2686(lp_do_section)
>   Processing section "[sysvol]"
> [2016/05/11 08:09:36.412743,  2] 
> ../source3/lib/interface.c:341(add_interface)
>   added interface eth0 ip=192.168.0.18 bcast=192.168.0.255 
> netmask=255.255.255.0
> [2016/05/11 08:09:36.418379,  2] 
> ../lib/util/modules.c:196(do_smb_load_module)
>   Module 'samba4' loaded
> [2016/05/11 08:09:36.444927,  0] 
> ../source4/auth/unix_token.c:93(security_token_to_unix_token)
>   Unable to convert second SID 
> (S-1-5-21-508106755-2976483754-4106360514-513) in user token to a 
> GID.  Conversion was returned as type 0, full token:
> [2016/05/11 08:09:36.445462,  0] 
> ../libcli/security/security_token.c:63(security_token_debug)
>   Security token SIDs (13):
>     SID[  0]: S-1-5-21-508106755-2976483754-4106360514-500
>     SID[  1]: S-1-5-21-508106755-2976483754-4106360514-513
>     SID[  2]: S-1-5-21-508106755-2976483754-4106360514-512
>     SID[  3]: S-1-5-21-508106755-2976483754-4106360514-572
>     SID[  4]: S-1-5-21-508106755-2976483754-4106360514-520
>     SID[  5]: S-1-5-21-508106755-2976483754-4106360514-519
>     SID[  6]: S-1-5-21-508106755-2976483754-4106360514-518
>     SID[  7]: S-1-1-0
>     SID[  8]: S-1-5-2
>     SID[  9]: S-1-5-11
>     SID[ 10]: S-1-5-32-544
>     SID[ 11]: S-1-5-32-545
>     SID[ 12]: S-1-5-32-554
>    Privileges (0x        1FFFFF00):
>     Privilege[  0]: SeTakeOwnershipPrivilege
>     Privilege[  1]: SeBackupPrivilege
>     Privilege[  2]: SeRestorePrivilege
>     Privilege[  3]: SeRemoteShutdownPrivilege
>     Privilege[  4]: SeSecurityPrivilege
>     Privilege[  5]: SeSystemtimePrivilege
>     Privilege[  6]: SeShutdownPrivilege
>     Privilege[  7]: SeDebugPrivilege
>     Privilege[  8]: SeSystemEnvironmentPrivilege
>     Privilege[  9]: SeSystemProfilePrivilege
>     Privilege[ 10]: SeProfileSingleProcessPrivilege
>     Privilege[ 11]: SeIncreaseBasePriorityPrivilege
>     Privilege[ 12]: SeLoadDriverPrivilege
>     Privilege[ 13]: SeCreatePagefilePrivilege
>     Privilege[ 14]: SeIncreaseQuotaPrivilege
>     Privilege[ 15]: SeChangeNotifyPrivilege
>     Privilege[ 16]: SeUndockPrivilege
>     Privilege[ 17]: SeManageVolumePrivilege
>     Privilege[ 18]: SeImpersonatePrivilege
>     Privilege[ 19]: SeCreateGlobalPrivilege
>     Privilege[ 20]: SeEnableDelegationPrivilege
>    Rights (0x             403):
>     Right[  0]: SeInteractiveLogonRight
>     Right[  1]: SeNetworkLogonRight
>     Right[  2]: SeRemoteInteractiveLogonRight
> [2016/05/11 08:09:36.450569,  1] 
> ../source3/smbd/sesssetup.c:281(reply_sesssetup_and_X_spnego)
>   Failed to generate session_info (user and group token) for session 
> setup: NT_STATUS_INVALID_SID
>
>
----------------------------------------------------------------------------------------------------------------
>
>
> Or when tryied to login as a common user
>
----------------------------------------------------------------------------------------------------------------
>
> [2016/05/11 08:15:44.784439,  2] 
> ../source3/param/loadparm.c:2686(lp_do_section)
>   Processing section "[netlogon]"
> [2016/05/11 08:15:44.784710,  2] 
> ../source3/param/loadparm.c:2686(lp_do_section)
>   Processing section "[sysvol]"
> [2016/05/11 08:15:44.785399,  2] 
> ../source3/lib/interface.c:341(add_interface)
>   added interface eth0 ip=192.168.0.18 bcast=192.168.0.255 
> netmask=255.255.255.0
> [2016/05/11 08:15:44.790623,  2] 
> ../lib/util/modules.c:196(do_smb_load_module)
>   Module 'samba4' loaded
> [2016/05/11 08:15:44.812343,  0] 
> ../source4/auth/unix_token.c:79(security_token_to_unix_token)
>   Unable to convert first SID 
> (S-1-5-21-508106755-2976483754-4106360514-1188) in user token to a 
> UID.  Conversion was returned as type 0, full token:
> [2016/05/11 08:15:44.812690,  0] 
> ../libcli/security/security_token.c:63(security_token_debug)
>   Security token SIDs (7):
>     SID[  0]: S-1-5-21-508106755-2976483754-4106360514-1188
>     SID[  1]: S-1-5-21-508106755-2976483754-4106360514-513
>     SID[  2]: S-1-1-0
>     SID[  3]: S-1-5-2
>     SID[  4]: S-1-5-11
>     SID[  5]: S-1-5-32-545
>     SID[  6]: S-1-5-32-554
>    Privileges (0x          800000):
>     Privilege[  0]: SeChangeNotifyPrivilege
>    Rights (0x             400):
>     Right[  0]: SeRemoteInteractiveLogonRight
> [2016/05/11 08:15:44.814382,  1] 
> ../source3/smbd/sesssetup.c:281(reply_sesssetup_and_X_spnego)
>   Failed to generate session_info (user and group token) for session 
> setup: NT_STATUS_INVALID_SID
> [2016/05/11 08:16:53.830440,  2] 
> ../source3/smbd/server.c:467(remove_child_pid)
>   Could not find child 20805 -- ignoring
>
>
----------------------------------------------------------------------------------------------------------------
>
>
> Something similar was solved on 4.2 
> https://bugzilla.samba.org/show_bug.cgi?id=10720
>
>
> Cheers
>
> Kasandra
>
>
> El 11/05/16 a las 07:12, Kasandra Padisha escribió:
>>
>> Hi
>>
>> Upgrading without  knowing whats the problem  I feel a bit like with 
>> Windows or lots of comercial software: "The next version will
solve
>> all your problems" and we all know that's never true.
>>
>> I appreciate any help.
>>
>> Cheers
>>
>>
>> -------- Mensaje reenviado --------
>> Asunto:     NT_STATUS_INVALID_SID in a SDC
>> Fecha:     Tue, 10 May 2016 12:22:25 -0500
>> De:     Kasandra Padisha <kasandrapadisha at hotmail.com>
>> Para:     samba at lists.samba.org
>>
>>
>>
>> Hi All
>>
>> I have a running SAMBA PDC on Debian Jessie on a PowerPC. I have
>> backported Samba 4.3.18 and is working well.
>>
>> I have installed a SDC (if I may use that name) on a different network,
>> the same version of Samba but on a Debian Jessie on AMD64. I followed
>> every instruction in
>>
https://wiki.samba.org/index.php/Join_an_additional_Samba_DC_to_an_existing_Active_Directory.
>>
>> So every test worked fine.
>>
>> But now when i try to login, to view a share or to join the domain I
get
>> NT_STATUS_INVALID_SID or " The security id structure is
invalid".
>> Not only with the administrator but with any user.
>>
>>    root at parmenides2:~# smbclient -L localhost -UAdministrator
>>    Enter Administrator's password:
>>    session setup failed: NT_STATUS_INVALID_SID
>>
>> I am really out of arguments
>>
>>
>> What I have already done:
>>
>> 1. The mirror is OK
>>
>> #> samba-tool drs showrepl
>>
>> Is OK
>>
>> #> samba-tool ldapcmp ldap://DC1 ldap://DC2 -Uadministrator
>> --filter=whenChanged
>>
>> I have ran this from both PDCs and get SUCCESS
>>
>>
>> 2. I have read all similar messages
>>
>> I have found some similar cases but none with a solution. And I have
>> read ALL literally
>>
>>
>> 3. My smb.conf
>>
>> I have installed my main controller following
>>
https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
>>
>> and it was generated automatically. I added "idmap_ldb:use"
and "log
>> level"
>>
>>
>> # Global parameters
>> [global]
>>         workgroup = EXAMPLE-W10
>>         realm = EXAMPLE.COM
>>         netbios name = DC1
>>         server role = active directory domain controller
>>         dns forwarder = 192.168.10.7
>>         idmap_ldb:use rfc2307 = yes
>>         log level = 1
>>
>> [netlogon]
>>         path = /var/lib/samba/sysvol/example.com/scripts
>>         read only = No
>>
>> [sysvol]
>>         path = /var/lib/samba/sysvol
>>         read only = No
>>
>>
>> On DC2 changes the netbios name and dns forwarder .. but everything
else
>> is the same.
>>
>>
>>
>> 4.  ldbsearch -H /var/lib/samba/private/sam.ldb cn=Administrator
>>
>> dn: CN=Administrator,CN=Users,DC=example,DC=com
>> objectClass: top
>> objectClass: person
>> objectClass: organizationalPerson
>> objectClass: user
>> cn: Administrator
>> description: Built-in account for administering the computer/domain
>> instanceType: 4
>> whenCreated: 20160505021322.0Z
>> uSNCreated: 3223
>> name: Administrator
>> objectGUID: 8426ff4b-4bc4-43da-8de2-bc5808544933
>> codePage: 0
>> countryCode: 0
>> pwdLastSet: 131068880020000000
>> primaryGroupID: 513
>> objectSid: S-1-5-21-508106755-2976483754-4106360514-500
>> adminCount: 1
>> sAMAccountName: Administrator
>> sAMAccountType: 805306368
>> objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com
>> isCriticalSystemObject: TRUE
>> lastLogonTimestamp: 131068882546671530
>> memberOf: CN=Domain Admins,CN=Users,DC=example,DC=com
>> memberOf: CN=Administrators,CN=Builtin,DC=example,DC=com
>> memberOf: CN=Group Policy Creator Owners,CN=Users,DC=example,DC=com
>> memberOf: CN=Enterprise Admins,CN=Users,DC=example,DC=com
>> memberOf: CN=Schema Admins,CN=Users,DC=example,DC=com
>> accountExpires: 0
>> whenChanged: 20160510132605.0Z
>> uSNChanged: 3721
>> userAccountControl: 66048
>> lastLogon: 131073689683266740
>> distinguishedName: CN=Administrator,CN=Users,DC=example,DC=com
>>
>>
>> 5. ldbsearch -H /var/lib/samba/private/sam.ldb DC=example | grep 
>> objectSid
>>
>> objectSid: S-1-5-21-508106755-2976483754-4106360514
>>
>>
>> I appreciate any help
>>
>> Cheers
>>
>> Kasandra
>>
>>
>>
>
>