Prev: [Samba] Samba + LDAP error in windows xp while ACL
Next: Windows XP joining Samba 3 PDC: SAM Response - user unknown
From: Gaiseric Vandal on 8 Nov 2009 08:20 Did this use to work OK? It sounds like samba is not properly mapping YOURDOMAIN\username in Windows to the underlying unix account. Do you create the unix accounts first or does samba automatically create them? Either way, I think your LDAP entry for each user should include the unix uid number as well as the samba sid. What happens if you type "wbinfo -s SID S-1-5-21-4020846335-601350461-1468625926-27594?" Also, if I am reading this correctly, the log files seem to indicate two domains are involved here- *-3986255151-* and *-4020846335-* I have had problems getting the SID to unix id mapping stuff working properly with member samba servers (not with XP clients.) Can you try removing and rejoining an XP machine to the domain? -----Original Message----- From: samba-bounces(a)lists.samba.org [mailto:samba-bounces(a)lists.samba.org] On Behalf Of D.Rajan Sent: Sunday, November 08, 2009 7:39 AM To: samba(a)lists.samba.org Subject: [Samba] Samba + LDAP error in windows xp while ACL Dear all, I am using Samba + PDC LDAP in a single server. From last month onward i am facing problem When I set manualy the acl (setfacl -m g:group:rwx the_file) It's ok, the other domain member see the ACL But when I set the acl with a Windows Workstation, that's don't work it gives the furnished error : sysadm(a)sangam:/var/log/samba$ tailf log.r-sys-03703 [2009/11/08 17:54:05, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:09, 0] passdb/pdb_ldap.c:ldapuser2displayentry(4211) sid S-1-5-21-3986255151-1643105893-2919334401-3002 does not belong to our domain .. .. .. [2009/11/08 17:54:15, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:17, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) create_canon_ace_lists: unable to map SID S-1-5-21-4020846335-601350461-1468625926-27594 to uid or gid. C U Next Mail Raj Take Care HAVE A NICE DAY The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: D.Rajan on 17 Nov 2009 00:30
Dear All, What the files i need to be check to solve the problem. i am having PDC & BDC root(a)sangam:/var/log/samba# net getlocalsid SID for domain SANGAM is: S-1-5-21-4020846335-601350461-1468625926 root(a)vaigai:~# net getlocalsid SID for domain VAIGAI is: S-1-5-21-4020846335-601350461-1468625926 Error while ACL from windows XP: **************************************** ysadm(a)sangam:/var/log/samba$ tailf log.kh-sys-02635 [2009/11/16 19:12:43, 0] printing/print_cups.c:cups_connect(69) Unable to connect to CUPS server localhost:631 - Connection refused [2009/11/17 09:32:28, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 09:32:32, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 09:32:49, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 09:32:49, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 10:26:38, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 10:27:03, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 10:27:29, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) create_canon_ace_lists: unable to map SID S-1-5-21-4020846335-601350461-1468625926-3174 to uid or gid. As per your instruction i convert one systems from our domain to workgroup and restart the system and once again i convert to my domain, eventhough i am not able to give permission from my system. 1. In My client Xp system what i want to check regarding SID infomation ? 2. How to solve the "unable to map SID" error in server. I am having more than 2500 client system. C U Next Mail Raj Take Care HAVE A NICE DAY --- On Sun, 8/11/09, D.Rajan <rajand_2000(a)yahoo.com> wrote: From: D.Rajan <rajand_2000(a)yahoo.com> Subject: Samba + LDAP error in windows xp while ACL To: samba(a)lists.samba.org Date: Sunday, 8 November, 2009, 6:08 PM Dear all, I am using Samba + PDC LDAP in a single server. From last month onward i am facing problem When I set manualy the acl (setfacl -m g:group:rwx the_file) It's ok, the other domain member see the ACL But when I set the acl with a Windows Workstation, that's don't work it gives the furnished error : sysadm(a)sangam:/var/log/samba$ tailf log.r-sys-03703 [2009/11/08 17:54:05, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:09, 0] passdb/pdb_ldap.c:ldapuser2displayentry(4211) sid S-1-5-21-3986255151-1643105893-2919334401-3002 does not belong to our domain .. .. .. [2009/11/08 17:54:15, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:17, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) create_canon_ace_lists: unable to map SID S-1-5-21-4020846335-601350461-1468625926-27594 to uid or gid. C U Next Mail Raj Take Care HAVE A NICE DAY The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |