Displaying 20 results from an estimated 8126 matches for "sids".
Did you mean:
ids
2020 Oct 09
1
Is Samba unable to resolve secodary group membership?
Hi all,
i read the logfiles again and again and stumbled over some lines:
[2020/10/07 11:25:45.191784,? 5]
../../libcli/security/security_token.c:63(security_token_debug)
? Security token SIDs (38):
??? SID[? 0]: S-1-5-21-3542048200-3079820972-537594794-55128
??? SID[? 1]: S-1-5-21-3542048200-3079820972-537594794-513
??? SID[? 2]: S-1-5-21-3542048200-3079820972-537594794-211797
??? SID[? 3]: S-1-5-21-3542048200-3079820972-537594794-92780
??? SID[? 4]: S-1-5-21-3542048200-3079820972-...
2019 Jun 13
5
Samba + sssd deployment: success and failure
...rce of authority') as well as a 32-bit RID (relative ID, similar to UID/GID in POSIX except it is a single 32-bit space for any and all security principals in a domain/machine) itself as its components. AFAIK the only exceptions to the rule of SID including RID as its necessary part are Service SIDs and Machine SIDs. The Service SIDs are used to manage permissions for individual services (longer than typical SID and is based on SHA1 hash of the service name) and Machine SIDs are effectively just a special case of the SID prefix without RID. That said the machine accounts in AD will have full S...
2017 Jan 11
4
Corrupted idmap...
...:45.581992, 0]
../source4/auth/unix_token.c:79(security_token_to_unix_token)
Unable to convert first SID (S-1-5-7) in user token to a UID.
Conversion was returned as type 0, full token:
[2017/01/10 13:00:45.659202, 0]
../libcli/security/security_token.c:63(security_token_debug)
Security token SIDs (3):
SID[ 0]: S-1-5-7
SID[ 1]: S-1-1-0
SID[ 2]: S-1-5-2
Privileges (0x 0):
Rights (0x 0):
[2017/01/10 13:00:46.378251, 0]
../source4/auth/unix_token.c:79(security_token_to_unix_token)
Unable to convert first SID
(S-1-5-21-2812428577-3463248684-241...
2010 Jul 07
1
The specified server can't perform the requested operation. Problem Accessing samba from windows 7 and vista
...spent many days working on
this but no luck .
please help me :(
following is the log . when i try to access samba share from windows 7.
[2010/07/07 12:53:44.907353, 5] auth/token_util.c:531(debug_nt_user_token)
NT user token of user S-1-5-21-103778645-3415079703-3562334698-8645
contains 58 SIDs
SID[ 0]: S-1-5-21-103778645-3415079703-3562334698-8645
SID[ 1]: S-1-5-21-103778645-3415079703-3562334698-513
SID[ 2]: S-1-1-0
SID[ 3]: S-1-5-2
SID[ 4]: S-1-5-11
SID[ 5]: S-1-5-21-103778645-3415079703-3562334698-1629
SID[ 6]: S-1-5-21-103778645-3415079703-3562334698-1363
SID[...
2014 Sep 04
1
problem with mechanism of samba user SID creation
Hello guys,
as subject says, i've got problem with it. And because i'm in
preparation of migration of users form Samba PDC with passdb.tdb backend
ot LDAP backend, i need to be 100% clear on it.
I can't find the reference to it anywhere, so if anyone can point me in
the right way ..?
What is confusing for me? I'll explain on example:
1. Scenario: Existing Samba PDC server
2005 Feb 08
1
Domain SID issue
Hello
I have a client who historical had a machinename with an underscore
in it : samba_machine
I had to get rid of the underscore names and changed the name
to samba-machine. At the same time I upgraded to samba-3.0.11 to
get a printer queue problem resolved.
Now it seems the Domain SID has changed, so I changed the new SID
back to the old one with net setlocalsid, because on all machines I had
2008 Jul 08
12
Some more win32-security: SID.create
Hi all,
How does this look as a general approach to a SID.create method:
# Creates and initializes
def self.create(authority, *sub_authorities)
if sub_authorities.length > 8
raise ArgumentError, ''maximum of 8 subauthorities allowed''
end
authorities = Array.new(8, 0)
authorities.replace(sub_authorities)
count = authorities.select{ |e| e > 0 }.size
2019 Jun 13
2
Samba + sssd deployment: success and failure
...rce of authority') as well as a 32-bit RID (relative ID, similar to UID/GID in POSIX except it is a single 32-bit space for any and all security principals in a domain/machine) itself as its components. AFAIK the only exceptions to the rule of SID including RID as its necessary part are Service SIDs and Machine SIDs. The Service SIDs are used to manage permissions for individual services (longer than typical SID and is based on SHA1 hash of the service name) and Machine SIDs are effectively just a special case of the SID prefix without RID. That said the machine accounts in AD will have full S...
2014 Feb 09
1
classicupgrade error
Hi all.
I'm doing an upgrade from samba 3.4.8 domain to samba 4.1
I followed this guide:
http://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO
I'm upgrading on a new virtual server (for testing purposes).
Executing the command /usr/local/samba/bin/samba-tool domain
classicupgrade --dbdir=/root/samba3/ --use-xattrs=yes /root/smb.conf
(where /root/samba3/ contains
2014 Nov 02
2
SID of member server in Samba domain (smbldap_search_domain_info: NT_STATUS_UNSUCCESSFUL)
...eturn:
# net getdomainsid
SID for local machine MY_PDC_HOST is: S-1-5-21-4174501313-1202754954-1084205825
SID for domain MY_DOMAIN is: S-1-5-21-4174501313-1202754954-1084205825
# net getlocalsid
SID for domain MY_PDC_HOST is: S-1-5-21-4174501313-1202754954-1084205825
(So, all SIDs are the same. And there is no error)
The other server runs Samba 3.6.6 on Debian stable ("Wheezy"). At first, it wouldn't
let me access it's shares, and SID queries returned:
# net getdomainsid
SID for local machine OTHER is: S-1-5-21-2241737573-1899521008-914752976...
2017 Jan 31
1
unexplained 'access denied' for windows workstations
...g_sign_pdu)
> signed SMB2 message
> [2017/01/31 10:08:43.323568, 4] ../source3/smbd/sec_ctx.c:316(set_sec_ctx)
> setting sec ctx (5227, 513) - sec_ctx_stack_ndx = 0
> [2017/01/31 10:08:43.323612, 5] ../libcli/security/security_token.c:63(security_token_debug)
> Security token SIDs (45):
> SID[ 0]: S-1-22-1-5227
> SID[ 1]: S-1-22-2-513
> SID[ 2]: S-1-5-21-12345678-123456789-868425949-35723
> SID[ 3]: S-1-5-32-551
> SID[ 4]: S-1-5-21-12345678-123456789-868425949-54195
> SID[ 5]: S-1-22-2-5923
> SID[ 6]: S-1-22-2-512
>...
2011 Feb 28
0
Processed: tag open `ftbfs-gcc-4.5' reports with `sid' and `wheezy'
Processing commands for control at bugs.debian.org:
> tag 564974 + sid wheezy
Bug #564974 [cyphesis-cpp] cyphesis-cpp: ftbfs with gcc-4.5
Added tag(s) wheezy.
> tag 565026 + sid wheezy
Bug #565026 [libfreebob] libfreebob: ftbfs with gcc-4.5
Added tag(s) wheezy.
> tag 565051 + sid wheezy
Bug #565051 [synopsis] synopsis: ftbfs with gcc-4.5
Added tag(s) wheezy.
> tag 565068 + sid wheezy
2005 Mar 04
1
'profiles' command with WinXP Profiles
...1-5-21-383998039-2845272951-4289691644-2061
Perms: 000F003F, SID:
Perms: 10000000, SID: S-1-5-18
Perms: 000F003F, SID: S-1-5-32-544
Perms: 10000000, SID: S-1-5-32-544
Owner SID: S-1-5-32-544
Not only are the groups all wrong, but I don't even know where most of the
SIDs in there came from. The S-1-5-21-383998039-2845272951-4289691644-2061
is from the old domain. The others I haven't a clue. Anyway, if I use the
following syntax:
profiles -c S-1-5-21-383998039-2845272951-4289691644-2061 -n
S-1-5-21-725326080-1709766072-2910717368-513 /path/to/NTUSER.DAT...
2004 Aug 04
3
Winbind being flakey
After some more screwing around with leaving and rejoining the ADS
domain I was finally able to access a share with "valid users =" set to
a domain group I was a member of. The _only_ change I made after this
was to add yet another group to the valid users on the share and restart
samba...after that I could no longer access the share. I removed the
additional group, restarted samba and
2005 Nov 30
4
migrate profile from an old server to a new one - SID and ntuser.dat problem
...ced the machine and domain sid from the new
server with the old ones.
But how can reuse the profiles from the old machine
at the new one?
If i make a simple remote copy, the settings of the
users are lost, i miss my german keyboard layout and
so on.
I think that this is a problem regarding the sids of
the users. How can i find out the sids from the old
machine and how can i replace the new ones with the
old ones on the new server?
I tried to do it with " pdbedit -u username -G oldSID"
(i retrieved the old SID from the logs, but i don't
know how to generally get it), but it obvio...
2009 Sep 15
2
Domain SID vs. Local SID on Domain Controller & SID requirements
IF a samba server is setup to be a domain controller, should
it's local SID = the domain SID?
Also, what are the requirements of a SID?
I usually see S-1-5-21-x-y-z, where x,y,z = 10 digits, but
could x,y,z be 1,2,3 (for example)? I.e. do they have to be
10 digit numbers or can they be shorter?
If I have a simple setup, and want a sid I can remember can I
just make it 'short'?
2014 Apr 15
0
"Could not convert SID" error - different results for the same AD query
...to a network timeout, it's possible that the AD server
sometimes isn't responding quickly enough. Or, the AD server could simply be
returning incomplete information.
Does anyone have a suggestion for how to track things down further? I really
don't know much about winbind or AD or even SIDs in general.
Is there much chance that this is a winbind problem, or is it more likely an
AD problem?
Given that I'm not going to be able to replace the AD server, might sssd
work better for querying the AD server?
More details:
Note the different number of SIDs in this successful attempt (...
2020 Jun 05
3
It seems to have bug for @group to set in valid or invalid conf
..., 4, pid=2781, effective(0, 0), real(0, 0)]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)
setting sec ctx (1003, 101) - sec_ctx_stack_ndx = 0
[2020/06/05 16:40:40.672941, 5, pid=2781, effective(0, 0), real(0, 0)]
../../libcli/security/security_token.c:63(security_token
Security token SIDs (15):
SID[ 0]: S-1-5-21-1151667668-222068009-1375177606-1010
SID[ 1]: S-1-5-21-1151667668-222068009-1375177606-513
SID[ 2]: S-1-5-21-1151667668-222068009-1375177606-1003
SID[ 3]: S-1-5-21-1151667668-222068009-1375177606-1006
SID[ 4]: S-1-5-21-1151667668-222068009-1375177606...
2010 Apr 29
1
PDC: System SID missing / inconsistent with domain SID
...hostnew. Also there is no SID at all for
the new NETBIOS name infrahost. This causes for example
net getlocalsid to fail.
My research suggests that the NETBIOS name SID of the PDC
infrahost should be the same as the domain SID, is that
correct? Also, I found an article that dealt with inconsistent
SIDs; it suggested to set the NETBIOS SID to be the same
as the domain SID. But this article dealt with the case
that there actually _is_ a NETBIOS SID in secrets.tdb but
it's not the same as the domain SID. This is not our case
however since there is no SID at all for the NETBIOS name.
We haven...
2019 Jun 13
0
Samba + sssd deployment: success and failure
...rce of authority') as well as a 32-bit RID (relative ID, similar to UID/GID in POSIX except it is a single 32-bit space for any and all security principals in a domain/machine) itself as its components. AFAIK the only exceptions to the rule of SID including RID as its necessary part are Service SIDs and Machine SIDs. The Service SIDs are used to manage permissions for individual services (longer than typical SID and is based on SHA1 hash of the service name) and Machine SIDs are effectively just a special case of the SID prefix without RID. That said the machine accounts in AD will have full S...