thr3ads.net - samba - [Samba] Domain SID does not match built in domain groups' SIDs... [Aug 2006]

If this information is useful, please help other people find it:
Share via:

Jason Shaw

2006-Aug-30 19:38 UTC

[Samba] Domain SID does not match built in domain groups' SIDs...

Hello,


I'm having a few problems, but I'm thinking this should be fixed first. 
It may solve my other issues.

It appears that the built in domain groups' SIDs do not match the 
domain's SID. I used the IDEALX scripts to create these accounts and I 
obviously thought everything was fine before proceeding to add users and 
groups.

Any suggestions on how I can correct this without wiping out the users 
and groups I've already added?


Samba PDC 3.0.20b
OpenLDAP backend

# net groupmap list
Domain Admins (S-1-5-21-220492119-3728255649-3324185874-512) -> Domain 
Admins
Domain Users (S-1-5-21-220492119-3728255649-3324185874-513) -> Domain Users
Domain Guests (S-1-5-21-220492119-3728255649-3324185874-514) -> Domain 
Guests
Domain Computers (S-1-5-21-220492119-3728255649-3324185874-515) -> 
Domain Computers

# net getlocalsid
SID for domain FS02 is: S-1-5-21-580359677-1468577533-2286006929


Much appreciated!

Jason

-- 
-----------------------------------------------------------------
Jason Shaw                   |  Information Systems Administrator
Analytical Methods, Inc.     |  E-mail:   jason.shaw@amiwest.com
2133 152nd Ave NE            |  Phone:    (425) 643-9090
Redmond, WA 98052   USA      |  FAX:      (425) 746-1299
-----------------------------------------------------------------

Felipe Augusto van de Wiel

2006-Aug-31 14:34 UTC

head link

[Samba] Domain SID does not match built in domain groups' SIDs...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/30/2006 04:16 PM, Jason Shaw escreveu:> Hello,
> I'm having a few problems, but I'm thinking this should be fixed
first.
> It may solve my other issues.
> 
> It appears that the built in domain groups' SIDs do not match the
> domain's SID. I used the IDEALX scripts to create these accounts and I
> obviously thought everything was fine before proceeding to add users and
> groups.
	Did you change the SID inside the IDEALX scripts?

> Any suggestions on how I can correct this without wiping out the users
> and groups I've already added?
	Hmmm, you can remap it. :)

> Samba PDC 3.0.20b
> OpenLDAP backend
> 
> # net groupmap list
> Domain Admins (S-1-5-21-220492119-3728255649-3324185874-512) -> Domain
> Admins
> Domain Users (S-1-5-21-220492119-3728255649-3324185874-513) -> Domain
Users
> Domain Guests (S-1-5-21-220492119-3728255649-3324185874-514) -> Domain
> Guests
> Domain Computers (S-1-5-21-220492119-3728255649-3324185874-515) ->
> Domain Computers
>
> # net getlocalsid
> SID for domain FS02 is: S-1-5-21-580359677-1468577533-2286006929
> Much appreciated!
> Jason
	Kind regards,

- --
Felipe Augusto van de Wiel <felipe@paranacidade.org.br>
Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFE9vNxCj65ZxU4gPQRAr+8AJ4vYKoKwbZ99LHFBU71PqnwzK7VhgCgpIwx
wFJ4M2ngWacJ1FK5pEW5hgo=k0AI
-----END PGP SIGNATURE-----

Reasonably Related Threads

Search for more apparently analagous threads

samba - Aug 2006 - Domain SID does not match built in domain groups' SIDs...

[Samba] Domain SID does not match built in domain groups' SIDs...

[Samba] Domain SID does not match built in domain groups' SIDs...

Reasonably Related Threads