OK, this is a SID problem. I built an new XP system, installed SP3 then
tried to use the wizard to connect to the domain:
cat homebase-dectop1
[2013/04/12 16:21:44.899424, 1] auth/server_info.c:386(samu_to_SamInfo3)
The primary group domain
sid(S-1-5-21-3360932306-3333476405-2840157550-513) does not match the
domain sid(S-1-5-21-4240919292-2417995422-4236335894) for
rgm(S-1-5-21-4240919292-2417995422-4236335894-1000)
[2013/04/12 16:21:44.899608, 0] auth/check_samsec.c:491(check_sam_security)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_UNSUCCESSFUL'
[root@homebase samba]# cat homebase-dectop1
[2013/04/12 16:21:44.899424, 1] auth/server_info.c:386(samu_to_SamInfo3)
The primary group domain
sid(S-1-5-21-3360932306-3333476405-2840157550-513) does not match the
domain sid(S-1-5-21-4240919292-2417995422-4236335894) for
rgm(S-1-5-21-4240919292-2417995422-4236335894-1000)
[2013/04/12 16:21:44.899608, 0] auth/check_samsec.c:491(check_sam_security)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_UNSUCCESSFUL'
[2013/04/12 16:23:30.110032, 1] auth/server_info.c:386(samu_to_SamInfo3)
The primary group domain
sid(S-1-5-21-3360932306-3333476405-2840157550-513) does not match the
domain sid(S-1-5-21-4240919292-2417995422-4236335894) for
winadmin(S-1-5-21-4240919292-2417995422-4236335894-302)
[2013/04/12 16:23:30.110200, 0] auth/check_samsec.c:491(check_sam_security)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_UNSUCCESSFUL'
How do you figure out a SID problem and fix it? This was a clean Samba
install.
On 04/11/2013 08:39 PM, Robert Moskowitz wrote:
I had been running a samba server, the AMAHI F12 distro, that has
samba 3.4.9. It ran well enough, but I was planning on replacing it
with ClearOS. Well monday night I lost my server harddrive, so now it
is crunch time to update/upgrade.
I think I have ClearOS configured properly, it is running samba 3.6.10
(Redhat 6.4 based). So far I have tried to add two of my XP systems
to the new domain. The process I have been using (and what I did 4
years ago when I moved them from a REAL NT domain to the samba domain)
was to first login locally as administrator and using System
Properties > Computer Name >Domain Change to move the computer to a
workgroup called SELF. I then reboot and use the same dialog to join
the new domain, HOME. The old domain was HDA, but a prior domain was
also HOME. This fails and in the samba logs I see:
[2013/04/11 20:22:29.563127, 0]
auth/check_samsec.c:491(check_sam_security)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_UNSUCCESSFUL'
[2013/04/11 20:26:01.504397, 1] auth/server_info.c:386(samu_to_SamInfo3)
The primary group domain
sid(S-1-5-21-3360932306-3333476405-2840157550-513) does not match the
domain sid(S-1-5-21-4240919292-2417995422-4236335894) for
winadmin(S-1-5-21-4240919292-2417995422-4236335894-302)
[2013/04/11 20:26:01.504589, 0]
auth/check_samsec.c:491(check_sam_security)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_UNSUCCESSFUL'
[2013/04/11 20:26:44.676638, 1] auth/server_info.c:386(samu_to_SamInfo3)
The primary group domain
sid(S-1-5-21-3360932306-3333476405-2840157550-513) does not match the
domain sid(S-1-5-21-4240919292-2417995422-4236335894) for
rgm(S-1-5-21-4240919292-2417995422-4236335894-1000)
[2013/04/11 20:26:44.676804, 0]
auth/check_samsec.c:491(check_sam_security)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_UNSUCCESSFUL'
rgm is a user on the system that has admin priv, and a user on the
samba server that is in the domain_admin group.
What is with the SID problem? How do I clean this up?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
