Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

[Samba] Why would "net rpc rights grant" fail ?

308 views

Skip to first unread message

Koenraad Lelong

unread,

Apr 11, 2014, 9:10:02 AM4/11/14

Hi,

Me again, still trying to migrate my samba3-server.

Using the script op L.P.H. van Belle, there is one failure :
net rpc rights grant ${SETNTDOM}\\"Domain Admins"
SeDiskOperatorPrivilege -U${SETNTUSER}

This is the result :
==========SE Privileges ===============================
Giving group Domain Admins the SeDiskOperatorPrivilege rights.
Enter Admikoen's password:
Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_INVALID_NETWORK_RESPONSE

In my script, just after starting samba I added AdmiKoen to the "Domain
Admins". The Kerberos-tests work OK, SE privileges fails (see above),
testing DNS-records is OK, adding reverse zones is also OK.

I tried to add a Win7-PC, but that fails also, but I don't know if it's
related to the SE privileges fail.
This is what I get on the Win7-PC (translated from dutch) : The given
server can't execute the requested operation.

So the question is : where do I look to detect what's going wrong ?

Thanks for any pointers.

P.S. the Kerberos test outputs : Etype (skey, tkt): arcfour-hmac,
arcfour-hmac
while the "provision" version outputs : Etype (skey, tkt):
aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
Is this related to the failure ?

Regards,

Koenraad.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba

L.P.H. van Belle

unread,

Apr 11, 2014, 9:40:02 AM4/11/14

Hai,

The base is always Administrator, this is because of the user mapping root = ... see below..
I'll go modify the script for that. Can you tell which server/script this is ?

Can you try to run it like this.

net rpc rights grant YOURDOMAIN\\AdminKoen SeDiskOperatorPrivilege -UAdministrator
( -U administrator is needed to make it work, its used to authenticate to you can set the privileges. )

And for full admin rights, add the all the SEPrivileges to AdminKoen.
when you run it outside the script you can also kinit Administrator first.

also check if the file in /etc/samba/samba_usermapping exist.
!root = YOURDOMAIN\Administrator YOURDOMAIN\administrator

If you want to have AdminKoen run as "root" , wel there is only 1 root ( Administrator )
then you can change it in the samba_usermapping file.

im guessing you have this problem on the member server? that was also the hard one to get working.

Adding a windows 7 pc ( dutch ) should not be any problem, i joined 32bit and 64bit.
but i did use the user DOMAIN\Administrator for the join.
Adminsitrator on the pc is disabled.

So if in look at your problem.
Your you trying to get AdminKoen to be "root" or just a extra domain admin.
if only as extra domain admin, the adding him to "domain admin" should be sufficient.
and do not disable Administrator.. samba uses it also in the back ground
see the /var/lib/samba/private/named.conf.update

Can you try again and report back?

Best regards,

Louis

>-----Oorspronkelijk bericht-----
>Van: samba.k...@ace-electronics.be
>[mailto:samba-...@lists.samba.org] Namens Koenraad Lelong
>Verzonden: vrijdag 11 april 2014 15:08
>Aan: sa...@lists.samba.org
>Onderwerp: [Samba] Why would "net rpc rights grant" fail ?

Marc Muehlfeld

unread,

Apr 11, 2014, 11:30:02 AM4/11/14

Hello Koenraad,

Am 11.04.2014 15:08, schrieb Koenraad Lelong:
> Using the script op L.P.H. van Belle, there is one failure :
> net rpc rights grant ${SETNTDOM}\\"Domain Admins"
> SeDiskOperatorPrivilege -U${SETNTUSER}
>
> This is the result :
> ==========SE Privileges ===============================
> Giving group Domain Admins the SeDiskOperatorPrivilege rights.
> Enter Admikoen's password:
> Could not connect to server 127.0.0.1
> Connection failed: NT_STATUS_INVALID_NETWORK_RESPONSE

Can you check, if Samba is listening on the localhost address, too?

# netstat -tulpn | egrep "samba|smbd|nmbd|winbind"

If not, you may have bound it to your NIC only. Then add "lo" to the
'interfaces' adapter:
https://wiki.samba.org/index.php/Samba_port_usage#Prevent_Samba_from_listening_on_all_interfaces

Or any 'hosts allow' entries that may deny localhost access?

Regards,
Marc

Koenraad Lelong

unread,

Apr 14, 2014, 5:00:02 AM4/14/14

op 11-04-14 15:29, L.P.H. van Belle schreef:

> Hai,
>
>
> The base is always Administrator, this is because of the user mapping root = ... see below..
> I'll go modify the script for that. Can you tell which server/script this is ?
>
> Can you try to run it like this.
>
> net rpc rights grant YOURDOMAIN\\AdminKoen SeDiskOperatorPrivilege -UAdministrator
> ( -U administrator is needed to make it work, its used to authenticate to you can set the privileges. )
>
> And for full admin rights, add the all the SEPrivileges to AdminKoen.
> when you run it outside the script you can also kinit Administrator first.
>
> also check if the file in /etc/samba/samba_usermapping exist.
> !root = YOURDOMAIN\Administrator YOURDOMAIN\administrator
>
> If you want to have AdminKoen run as "root" , wel there is only 1 root ( Administrator )
> then you can change it in the samba_usermapping file.
>
> im guessing you have this problem on the member server? that was also the hard one to get working.
>
> Adding a windows 7 pc ( dutch ) should not be any problem, i joined 32bit and 64bit.
> but i did use the user DOMAIN\Administrator for the join.
> Adminsitrator on the pc is disabled.
>
> So if in look at your problem.
> Your you trying to get AdminKoen to be "root" or just a extra domain admin.
> if only as extra domain admin, the adding him to "domain admin" should be sufficient.
> and do not disable Administrator.. samba uses it also in the back ground
> see the /var/lib/samba/private/named.conf.update
>
> Can you try again and report back?
>
>
> Best regards,
>
> Louis

Hi,

To clarify : I used Admikoen because Administrator could do nothing when
used with the script. I used what I thought was the password for
Administrator. I even set it again (using Admikoen as Domain Admin) and
then copied the new tdb-files over to the new server. Using that
password, all tests failed.
Now I just found out that when I use the root-password (linux-root from
the samba3 PDC) for the Administrator in the script, I only have the
"net rpc rights grant ..." error.

I then added a usermapping but the error is still there :

==========SE Privileges ===============================
Giving group Domain Admins the SeDiskOperatorPrivilege rights.

Enter Administrator's password:

Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_INVALID_NETWORK_RESPONSE

Maybe related : in my samba3-domain, Administrator can't log in although
there is a usermapping : root = administrator. I don't remember doing
anything to disable Administrator on samba3, but it's more than 5 years
ago. On the samba3 domain, I can login as root though.

I'm using 1-setup-sernet-samba4-ADDC-wheezy.sh, although I don't know if
it's the latest version. I downloaded it last monday.
I modified it to do a classicupgrade and to use the ubuntu sernet-packages.
All this is on a test-server that will become the prime AD-DC, not a
member server.

Anyway,

Many thanks for the help.

Rowland Penny

unread,

Apr 14, 2014, 5:50:02 AM4/14/14

Hi,

As far as I can see (never actually having had to do an upgrade) the
procedure is:

Make sure the info in your LDAP server is correct (no duplicate SID's etc)

Install samba4 on the same server that LDAP is running on, but do not
provision

With LDAP running, run the classicupgrade with samba-tool

Once finished, stop LDAP and any DNS. make resolv.conf point to
'127.0.0.1' and start samba4

Is this basically what you are doing ?

Have you read and understood this page in the wiki ? :

https://wiki.samba.org/index.php/Samba_Classic_Upgrade_%28NT4-style_domain_to_AD%29

Once you have your information in AD and Samba4 is running, forget root
when 'talking' to AD, only use 'Administrator', the user 'root' does not
exist in AD. You would only use the 'root' user when you are doing
something that directly affects the machine that samba4 is running on,
i.e. creating a directory

You talk about moving .tdb files to the new server, Just what did you
move and to where ?

From what you have written, I think that you are trying to do all this
on the new samba4 AD server, is this correct ?

Rowland

L.P.H. van Belle

unread,

Apr 14, 2014, 6:10:01 AM4/14/14

Ok,

first you have the latest script, so thats ok.
If only the Privileges go wrong atm then thats a "root/Administrator" thingy.

but.. if its only the Privileges ( on the dc) , i would say, continue with the upgrade first.
and when its all done, stop samba and bind
backup /var/cache/bind /var/cache/samba /var/lib/samba /etc/samba
start up again and.. im guessing big time, so just try ...

net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -UAdministrator
net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -UYOURDOMAIN\\Administrator
net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -UYOURDOMAIN\\Adminkoen
net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -UAdminkoen
net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -Uroot

and something as : ( /etc/samba/smb.conf )
username map = /etc/samba/samba_usermapping

!root = YOURDOMAIN\Administrator YOURDOMAIN\administrator

Best regards,

Louis

>-----Oorspronkelijk bericht-----
>Van: samba.k...@ace-electronics.be
>[mailto:samba-...@lists.samba.org] Namens Koenraad Lelong

>Verzonden: maandag 14 april 2014 10:59
>Aan: sa...@lists.samba.org
>Onderwerp: Re: [Samba] Why would "net rpc rights grant" fail ?

Koenraad Lelong

unread,

Apr 14, 2014, 10:10:02 AM4/14/14

op 14-04-14 12:00, L.P.H. van Belle schreef:

> Ok,
>
> first you have the latest script, so thats ok.
> If only the Privileges go wrong atm then thats a "root/Administrator" thingy.
>
> but.. if its only the Privileges ( on the dc) , i would say, continue with the upgrade first.
> and when its all done, stop samba and bind
> backup /var/cache/bind /var/cache/samba /var/lib/samba /etc/samba
> start up again and.. im guessing big time, so just try ...
>
> net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -UAdministrator
> net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -UYOURDOMAIN\\Administrator
> net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -UYOURDOMAIN\\Adminkoen
> net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -UAdminkoen
> net rpc rights grant YOURDOMAIN\\"Domain Admins" SeDiskOperatorPrivilege -Uroot
>
> and something as : ( /etc/samba/smb.conf )
> username map = /etc/samba/samba_usermapping
>
> !root = YOURDOMAIN\Administrator YOURDOMAIN\administrator
>
>
> Best regards,
>
> Louis
>

Hi,

I tried some combinations, but none work. I did set the log level to 1
and I get this in log.samba :

[2014/04/14 15:46:43.274413, 1]
../source4/winbind/idmap.c:831(idmap_sids_to_xids)
idmapping sid_to_xid failed for
id[2]=S-1-5-21-177555115-702490737-1861429907-520: NT_STATUS_NONE_MAPPED
[2014/04/14 15:46:43.275186, 1]
../source4/winbind/idmap.c:831(idmap_sids_to_xids)
idmapping sid_to_xid failed for
id[3]=S-1-5-21-177555115-702490737-1861429907-572: NT_STATUS_NONE_MAPPED
[2014/04/14 15:46:43.275769, 1]
../source4/winbind/idmap.c:831(idmap_sids_to_xids)
idmapping sid_to_xid failed for
id[4]=S-1-5-21-177555115-702490737-1861429907-519: NT_STATUS_NONE_MAPPED
[2014/04/14 15:46:43.276372, 1]
../source4/winbind/idmap.c:831(idmap_sids_to_xids)
idmapping sid_to_xid failed for
id[5]=S-1-5-21-177555115-702490737-1861429907-518: NT_STATUS_NONE_MAPPED
[2014/04/14 15:46:43.277049, 1]
../source4/winbind/idmap.c:831(idmap_sids_to_xids)
idmapping sid_to_xid failed for id[7]=S-1-1-0: NT_STATUS_NONE_MAPPED
[2014/04/14 15:46:43.277547, 1]
../source4/winbind/idmap.c:831(idmap_sids_to_xids)
idmapping sid_to_xid failed for id[8]=S-1-5-2: NT_STATUS_NONE_MAPPED
[2014/04/14 15:46:43.278062, 1]
../source4/winbind/idmap.c:831(idmap_sids_to_xids)
idmapping sid_to_xid failed for id[9]=S-1-5-11: NT_STATUS_NONE_MAPPED
[2014/04/14 15:46:43.278886, 1]
../source4/winbind/idmap.c:831(idmap_sids_to_xids)
idmapping sid_to_xid failed for id[12]=S-1-5-32-554:
NT_STATUS_NONE_MAPPED

Does this mean anything ? In the mailinglist I found someone that
has/had the same problem (see : samba4 classicupgrade problem idmapping
sid_to_xid failed on 28 feb 2014).

ldbsearch -H /var/lib/samba/private/idmap.ldb -a
# record 1
dn: CN=S-1-5-21-177555115-702490737-1861429907-500
cn: S-1-5-21-177555115-702490737-1861429907-500
objectClass: sidMap
objectSid: S-1-5-21-177555115-702490737-1861429907-500
type: ID_TYPE_UID
xidNumber: 0
distinguishedName: CN=S-1-5-21-177555115-702490737-1861429907-500

# record 2
dn: CN=CONFIG
cn: CONFIG
upperBound: 4000000
lowerBound: None
xidNumber: None
distinguishedName: CN=CONFIG

# record 3
dn: CN=S-1-5-7
cn: S-1-5-7
objectClass: sidMap
objectSid: S-1-5-7
type: ID_TYPE_UID
xidNumber: 65534
distinguishedName: CN=S-1-5-7

# record 4
dn: CN=S-1-5-21-177555115-702490737-1861429907-513
cn: S-1-5-21-177555115-702490737-1861429907-513
objectClass: sidMap
objectSid: S-1-5-21-177555115-702490737-1861429907-513
type: ID_TYPE_GID
xidNumber: 100
distinguishedName: CN=S-1-5-21-177555115-702490737-1861429907-513

# returned 4 records
# 4 entries
# 0 referrals

Is this OK ?

Koenraad

Rowland Penny

unread,

Apr 14, 2014, 10:30:01 AM4/14/14

Well NO, you seem to have about 22 records missing, this is not counting
any users and groups you should have, this could have something to do
with the .tdb records you copied to the server, but you need to answer
my earlier email before we can try and track down your problems.

Rowland

Koenraad Lelong

unread,

Apr 14, 2014, 10:50:02 AM4/14/14

op 14-04-14 11:42, Rowland Penny schreef:

> Hi,
>
> As far as I can see (never actually having had to do an upgrade) the
> procedure is:
>
> Make sure the info in your LDAP server is correct (no duplicate SID's etc)

I don't use ldap on samba3. It a tdb-file setup.

>
> Install samba4 on the same server that LDAP is running on, but do not
> provision
>
> With LDAP running, run the classicupgrade with samba-tool
>
> Once finished, stop LDAP and any DNS. make resolv.conf point to
> '127.0.0.1' and start samba4
>
> Is this basically what you are doing ?
>
> Have you read and understood this page in the wiki ? :
>
> https://wiki.samba.org/index.php/Samba_Classic_Upgrade_%28NT4-style_domain_to_AD%29
>

I read it several times, and I understand it I think.

>
> Once you have your information in AD and Samba4 is running, forget root
> when 'talking' to AD, only use 'Administrator', the user 'root' does not
> exist in AD. You would only use the 'root' user when you are doing
> something that directly affects the machine that samba4 is running on,
> i.e. creating a directory

I'll forget about root in samba, but what about the root that's in
samba-tool user list ? Can I remove that ? That root is member of
"Domain Admins".

>
> You talk about moving .tdb files to the new server, Just what did you
> move and to where ?

I copied all tdb-files I could find on the samba3-server over to a
temp-directory on the new server. Also the smb.conf of the old server,
passwd and group, group_mapping.ldb.

>
> From what you have written, I think that you are trying to do all this
> on the new samba4 AD server, is this correct ?
>

Yes, it's on the new samba4 server.

Koenraad.

P.S. I was writing this when I saw your new response. I tried something
new, but this does not work : I saw your remark about resolv.conf
pointing to 127.0.0.1. I had it to 192.168.200.10, which is the address
of the NIC of the samba4 server.

Stéphane PURNELLE

unread,

Apr 14, 2014, 11:00:02 AM4/14/14

Are you sure that classic-upgrade has not failed ?

redirect output (standard and error) to file.

-----------------------------------
Stéphane PURNELLE Admin. Systèmes et Réseaux
Service Informatique Corman S.A. Tel : 00 32 (0)87/342467

samba-...@lists.samba.org wrote on 14/04/2014 16:44:55:

> De : Koenraad Lelong <samba.k...@ace-electronics.be>
> A : sa...@lists.samba.org,
> Date : 14/04/2014 16:45
> Objet : Re: [Samba] Why would "net rpc rights grant" fail ?
> Envoyé par : samba-...@lists.samba.org

Rowland Penny

unread,

Apr 14, 2014, 11:10:01 AM4/14/14

Yes, I do not have any user called 'root' in my AD, that is what
'Administrator' is for, he is the windows version of the 'root' user.

>>
>> You talk about moving .tdb files to the new server, Just what did you
>> move and to where ?
>
> I copied all tdb-files I could find on the samba3-server over to a
> temp-directory on the new server. Also the smb.conf of the old server,
> passwd and group, group_mapping.ldb.
>

I take it you did this for the classicupgrade and that they are no where
near /var/lib/samba ?

>>
>> From what you have written, I think that you are trying to do all this
>> on the new samba4 AD server, is this correct ?
>>
>
> Yes, it's on the new samba4 server.
>

Well, all things being well, it should just work, but at the moment, it
is not recommended to use the Samba 4 server as a file server and I
believe that you do not need to run the privilige granting commands on
the samba4 server.

If you install ldb-tools (this is on debian, it might be different on
your OS) and then run this command:

ldbsearch -H /var/lib/samba/private/sam.ldb -b DC=example,DC=com -s sub
"(objectclass=*)" > /root/samba4.ldif

Making sure that sam.ldb is in /var/lib/samba/private and changing
'DC=example,DC=com' for your suffix, you will get a browsable dump of
your AD contents (well most of it anyway)

Check it to see if your users and groups are actually there.

> Koenraad.
>
> P.S. I was writing this when I saw your new response. I tried
> something new, but this does not work : I saw your remark about
> resolv.conf pointing to 127.0.0.1. I had it to 192.168.200.10, which
> is the address of the NIC of the samba4 server.
>

Either should work, but localhost should always be 127.0.0.1 and I
didn't know your servers ip ;-)

Rowland

Koenraad Lelong

unread,

Apr 14, 2014, 11:10:02 AM4/14/14

op 14-04-14 16:44, Koenraad Lelong schreef:

>
> I'll forget about root in samba, but what about the root that's in
> samba-tool user list ? Can I remove that ? That root is member of
> "Domain Admins".
>

Studying the log of the classicupgrade I see I can remove root :

Importing users
User root has been kept in the directory, it should be removed in favour
of the Administrator user
Commiting 'add users' transaction to disk
Adding users to groups
Commiting 'add users to groups' transaction to disk
Setting password for administrator
Administrator password has been set to password of user 'root'

Later I see :

Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true'
and 'force unknown acl user = true' for service sysvol
unix_mode(/var/lib/samba/sysvol) returning 0777
unix_mode(/var/lib/samba/sysvol) returning 0664
unpack_nt_owners: owner sid mapped to uid 0
unpack_nt_owners: group sid mapped to gid 65533
set_nt_acl: chown /var/lib/samba/sysvol. uid = 0, gid = 65533.
Search for gidNumber=65533 gave duplicate results, failing to map to a SID!
idmapping xid_to_sid failed for id[0]=65533: NT_STATUS_NONE_MAPPED
idmapping sid_to_xid failed for id[0]=S-1-5-18: NT_STATUS_NONE_MAPPED
idmapping sid_to_xid failed for id[0]=S-1-5-18: NT_STATUS_NONE_MAPPED
idmapping sid_to_xid failed for id[0]=S-1-5-11: NT_STATUS_NONE_MAPPED
idmapping sid_to_xid failed for id[0]=S-1-5-11: NT_STATUS_NONE_MAPPED

This is the first time that "sid_to_xid" appears in the log.

Koenraad.

Rowland Penny

unread,

Apr 14, 2014, 11:20:02 AM4/14/14

You seem to have two (or more) groups with the same gidNumber, try
searching in AD for this gidNumber .

Rowland

Koenraad Lelong

unread,

Apr 14, 2014, 11:20:02 AM4/14/14

op 14-04-14 16:51, Stéphane PURNELLE schreef:

> Are you sure that classic-upgrade has not failed ?
>
> redirect output (standard and error) to file.
>

I don't know if it fails. Can I know it ? I run it and it finishes. At
the end there is no message that there were fatal problems. I never saw
a log-file of a successfull upgade.

With the information I now have I think I'm seeing problems. See the
idmapping sid_to_xid failed ... NT_STATUS_NONE_MAPPED

Here is what I got (long !) :

Reading smb.conf
Processing section "[homes]"
Processing section "[printers]"
Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[Data]"
Processing section "[Applic]"
Processing section "[Fotos]"
Processing section "[personeel]"
Processing section "[Projects]"
Processing section "[ACE Fotos]"
Processing section "[Productie]"
Processing section "[norman]"
Processing section "[DVD]"
Processing section "[hotroomdata]"
Processing section "[TestShare]"
Processing section "[print$]"
Processing section "[pdf]"
Processing section "[LJ4250]"
Processing section "[PDF-printer]"
Processing section "[papyrusPDF]"
Processing section "[install]"
Processing section "[wpkg]"
Processing section "[UpdateISOs]"
Processing section "[Tikklok]"
Processing section "[NDA]"
Processing section "[isoadmin]"
Provisioning
Exporting account policy
Exporting groups
Ignoring group 'ace-personeel'
S-1-5-21-177555115-702490737-1861429907-1120 listed but then not found:
Unable to enumerate group members, (-1073741722,No such group)
Ignoring group 'Studenten' S-1-5-21-177555115-702490737-1861429907-1003
listed but then not found: Unable to enumerate group members,
(-1073741722,No such group)
Ignoring group 'dotsysgroep'
S-1-5-21-177555115-702490737-1861429907-1136 listed but then not found:
Unable to enumerate group members, (-1073741722,No such group)
Ignoring group 'Machines' S-1-5-21-177555115-702490737-1861429907-1059
listed but then not found: Unable to enumerate group members,
(-1073741722,No such group)
Ignoring group 'Domain Guests'
S-1-5-21-177555115-702490737-1861429907-514 listed but then not found:
Unable to enumerate group members, (-1073741722,No such group)
Ignoring group 'RDP' S-1-5-21-177555115-702490737-1861429907-3264 listed
but then not found: Unable to enumerate group members, (-1073741722,No
such group)
Ignoring group 'NDA' S-1-5-21-177555115-702490737-1861429907-3263 listed
but then not found: Unable to enumerate group members, (-1073741722,No
such group)
Ignoring group 'isoadmin' S-1-5-21-177555115-702490737-1861429907-3265
listed but then not found: Unable to enumerate group members,
(-1073741722,No such group)
Ignoring group 'testers' S-1-5-21-177555115-702490737-1861429907-3015
listed but then not found: Unable to enumerate group members,
(-1073741722,No such group)
Ignoring group 'surfers' S-1-5-21-177555115-702490737-1861429907-3017
listed but then not found: Unable to enumerate group members,
(-1073741722,No such group)
Exporting users
Ignoring group memberships of 'ACE-LT-VM-TEST$'
S-1-5-21-177555115-702490737-1861429907-1036: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT3$'
S-1-5-21-177555115-702490737-1861429907-1127: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-060$'
S-1-5-21-177555115-702490737-1861429907-3156: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-TEMP1$'
S-1-5-21-177555115-702490737-1861429907-1052: Unable to enumerate group
memberships, (-1073741724,No such user)
Skipping wellknown rid=500 (for username=Administrator)
Ignoring group memberships of 'sabina'
S-1-5-21-177555115-702490737-1861429907-1096: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-050$'
S-1-5-21-177555115-702490737-1861429907-3172: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-037-vm2$'
S-1-5-21-177555115-702490737-1861429907-3246: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-055$'
S-1-5-21-177555115-702490737-1861429907-1013: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-091$'
S-1-5-21-177555115-702490737-1861429907-1065: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'PC-PROF2$'
S-1-5-21-177555115-702490737-1861429907-1112: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT22$'
S-1-5-21-177555115-702490737-1861429907-1037: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'admigast'
S-1-5-21-177555115-702490737-1861429907-3188: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'admijoost'
S-1-5-21-177555115-702490737-1861429907-3262: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-mylabel1$'
S-1-5-21-177555115-702490737-1861429907-3110: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-087$'
S-1-5-21-177555115-702490737-1861429907-1053: Unable to enumerate group
memberships, (-1073741724,No such user)
Skipping wellknown rid=501 (for username=Guest)
Ignoring group memberships of 'ace-069$'
S-1-5-21-177555115-702490737-1861429907-3204: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ROME_01$'
S-1-5-21-177555115-702490737-1861429907-1015: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ronald'
S-1-5-21-177555115-702490737-1861429907-3126: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'MACE5$'
S-1-5-21-177555115-702490737-1861429907-1069: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'admiridder'
S-1-5-21-177555115-702490737-1861429907-1039: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Marleen'
S-1-5-21-177555115-702490737-1861429907-1014: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'mydata1'
S-1-5-21-177555115-702490737-1861429907-3112: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt9$'
S-1-5-21-177555115-702490737-1861429907-3142: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT21$'
S-1-5-21-177555115-702490737-1861429907-1038: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-089$'
S-1-5-21-177555115-702490737-1861429907-1055: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ASUS-M6-GJ$'
S-1-5-21-177555115-702490737-1861429907-1129: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt7$'
S-1-5-21-177555115-702490737-1861429907-3128: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-064$'
S-1-5-21-177555115-702490737-1861429907-3158: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'admitest'
S-1-5-21-177555115-702490737-1861429907-1002: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-088$'
S-1-5-21-177555115-702490737-1861429907-1054: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ROME01$'
S-1-5-21-177555115-702490737-1861429907-1016: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE_TEST_7$'
S-1-5-21-177555115-702490737-1861429907-1071: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'PC-PROF$'
S-1-5-21-177555115-702490737-1861429907-1101: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT17$'
S-1-5-21-177555115-702490737-1861429907-1018: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt11$'
S-1-5-21-177555115-702490737-1861429907-3144: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt10$'
S-1-5-21-177555115-702490737-1861429907-3146: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'admitom'
S-1-5-21-177555115-702490737-1861429907-3232: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'AdmiJohan'
S-1-5-21-177555115-702490737-1861429907-1004: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'joost'
S-1-5-21-177555115-702490737-1861429907-3190: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-084$'
S-1-5-21-177555115-702490737-1861429907-1020: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'chris'
S-1-5-21-177555115-702490737-1861429907-3176: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-070$'
S-1-5-21-177555115-702490737-1861429907-3206: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'OPSITEST1$'
S-1-5-21-177555115-702490737-1861429907-1017: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Johanm'
S-1-5-21-177555115-702490737-1861429907-1019: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'localhost$'
S-1-5-21-177555115-702490737-1861429907-3234: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'lucm'
S-1-5-21-177555115-702490737-1861429907-1118: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-084-VM1$'
S-1-5-21-177555115-702490737-1861429907-1025: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'AdmiJom'
S-1-5-21-177555115-702490737-1861429907-1005: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-042$'
S-1-5-21-177555115-702490737-1861429907-3250: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-072$'
S-1-5-21-177555115-702490737-1861429907-3210: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Davy'
S-1-5-21-177555115-702490737-1861429907-1041: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt8$'
S-1-5-21-177555115-702490737-1861429907-3132: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT19-VM2$'
S-1-5-21-177555115-702490737-1861429907-1057: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'pascal'
S-1-5-21-177555115-702490737-1861429907-3118: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt12$'
S-1-5-21-177555115-702490737-1861429907-3148: Unable to enumerate group
memberships, (-1073741724,No such user)
Demoting BDC account trust for lace2, this DC must be elevated to an
AD DC using 'samba-tool domain dcpromo'
Ignoring group memberships of 'lace2$'
S-1-5-21-177555115-702490737-1861429907-1166: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-090$'
S-1-5-21-177555115-702490737-1861429907-1056: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'AdmiKoen'
S-1-5-21-177555115-702490737-1861429907-1006: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'alliance'
S-1-5-21-177555115-702490737-1861429907-3192: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'papyrus'
S-1-5-21-177555115-702490737-1861429907-3032: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'christophe'
S-1-5-21-177555115-702490737-1861429907-3134: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-066$'
S-1-5-21-177555115-702490737-1861429907-3164: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-086$'
S-1-5-21-177555115-702490737-1861429907-1042: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-071$'
S-1-5-21-177555115-702490737-1861429907-3208: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT5$'
S-1-5-21-177555115-702490737-1861429907-1151: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt14$'
S-1-5-21-177555115-702490737-1861429907-3150: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'TEST-PC$'
S-1-5-21-177555115-702490737-1861429907-1058: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'BackupExec'
S-1-5-21-177555115-702490737-1861429907-1088: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-074$'
S-1-5-21-177555115-702490737-1861429907-3224: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt16$'
S-1-5-21-177555115-702490737-1861429907-3166: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-067$'
S-1-5-21-177555115-702490737-1861429907-3196: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT18$'
S-1-5-21-177555115-702490737-1861429907-1027: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-080$'
S-1-5-21-177555115-702490737-1861429907-1007: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-058$'
S-1-5-21-177555115-702490737-1861429907-3252: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'RidderIQ'
S-1-5-21-177555115-702490737-1861429907-1074: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt15$'
S-1-5-21-177555115-702490737-1861429907-3182: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-053$'
S-1-5-21-177555115-702490737-1861429907-1043: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Martine'
S-1-5-21-177555115-702490737-1861429907-1023: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-068$'
S-1-5-21-177555115-702490737-1861429907-3198: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Sarah'
S-1-5-21-177555115-702490737-1861429907-1089: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'student1'
S-1-5-21-177555115-702490737-1861429907-3214: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Tom'
S-1-5-21-177555115-702490737-1861429907-1152: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'tester'
S-1-5-21-177555115-702490737-1861429907-1044: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'domenico'
S-1-5-21-177555115-702490737-1861429907-3230: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'admipascal'
S-1-5-21-177555115-702490737-1861429907-3120: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'dotsys'
S-1-5-21-177555115-702490737-1861429907-1138: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'wpkg'
S-1-5-21-177555115-702490737-1861429907-1008: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Robin'
S-1-5-21-177555115-702490737-1861429907-1060: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT19-VM1$'
S-1-5-21-177555115-702490737-1861429907-1029: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-059$'
S-1-5-21-177555115-702490737-1861429907-3254: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'WIN-TEST$'
S-1-5-21-177555115-702490737-1861429907-1076: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT1$'
S-1-5-21-177555115-702490737-1861429907-1123: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt13$'
S-1-5-21-177555115-702490737-1861429907-3152: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-083$'
S-1-5-21-177555115-702490737-1861429907-1045: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'nvc'
S-1-5-21-177555115-702490737-1861429907-3168: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-081$'
S-1-5-21-177555115-702490737-1861429907-1009: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT23$'
S-1-5-21-177555115-702490737-1861429907-1061: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Cachesys'
S-1-5-21-177555115-702490737-1861429907-1108: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-065$'
S-1-5-21-177555115-702490737-1861429907-3258: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-085$'
S-1-5-21-177555115-702490737-1861429907-1030: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-SAMBA1$'
S-1-5-21-177555115-702490737-1861429907-1077: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'johanl'
S-1-5-21-177555115-702490737-1861429907-1140: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-082$'
S-1-5-21-177555115-702490737-1861429907-1010: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'mace3$'
S-1-5-21-177555115-702490737-1861429907-3216: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'stijn'
S-1-5-21-177555115-702490737-1861429907-3240: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'IUSR_ACE_SERVER_3'
S-1-5-21-177555115-702490737-1861429907-1062: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Veritas'
S-1-5-21-177555115-702490737-1861429907-1109: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'hotroom'
S-1-5-21-177555115-702490737-1861429907-3138: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Sabine'
S-1-5-21-177555115-702490737-1861429907-1034: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-079$'
S-1-5-21-177555115-702490737-1861429907-3256: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT2$'
S-1-5-21-177555115-702490737-1861429907-1125: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-TEMP$'
S-1-5-21-177555115-702490737-1861429907-1050: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-056$'
S-1-5-21-177555115-702490737-1861429907-3244: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'MACE6$'
S-1-5-21-177555115-702490737-1861429907-1066: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Jom'
S-1-5-21-177555115-702490737-1861429907-1011: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT25$'
S-1-5-21-177555115-702490737-1861429907-1063: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT20$'
S-1-5-21-177555115-702490737-1861429907-1033: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Rosita'
S-1-5-21-177555115-702490737-1861429907-1110: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT19-TESTVM$'
S-1-5-21-177555115-702490737-1861429907-1035: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ismail'
S-1-5-21-177555115-702490737-1861429907-1032: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'DIMA'
S-1-5-21-177555115-702490737-1861429907-1082: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Kristien'
S-1-5-21-177555115-702490737-1861429907-1051: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'andrzej'
S-1-5-21-177555115-702490737-1861429907-1048: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'admik10'
S-1-5-21-177555115-702490737-1861429907-1095: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ace-lt6$'
S-1-5-21-177555115-702490737-1861429907-3124: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT4$'
S-1-5-21-177555115-702490737-1861429907-1142: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'MACE4$'
S-1-5-21-177555115-702490737-1861429907-1067: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'Koenraad'
S-1-5-21-177555115-702490737-1861429907-1012: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'rino'
S-1-5-21-177555115-702490737-1861429907-3218: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'ACE-LT24$'
S-1-5-21-177555115-702490737-1861429907-1064: Unable to enumerate group
memberships, (-1073741724,No such user)
Next rid = 3266
Exporting posix attributes
Reading WINS database
Failed to find a Unix account for Veritaslpcfg_load: refreshing
parameters from /etc/samba/smb.conf
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
lp_load_ex: refreshing parameters
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
Processing section "[netlogon]"
Processing section "[sysvol]"

Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]

Module 'acl_xattr' loaded

Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true'

and 'force unknown acl user = true' for service Unknown Service (snum == -1)

and 'force unknown acl user = true' for service Unknown Service (snum == -1)
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
ldb_wrap open of hklm.ldb
Key 'key=SOFTWARE,hive=NONE' not found
key added: key=SOFTWARE,hive=NONE
Key 'key=Microsoft,key=SOFTWARE,hive=NONE' not found
key added: key=Microsoft,key=SOFTWARE,hive=NONE
Key 'key=Windows NT,key=Microsoft,key=SOFTWARE,hive=NONE' not found
key added: key=Windows NT,key=Microsoft,key=SOFTWARE,hive=NONE
Key 'key=CurrentVersion,key=Windows
NT,key=Microsoft,key=SOFTWARE,hive=NONE' not found
key added: key=CurrentVersion,key=Windows
NT,key=Microsoft,key=SOFTWARE,hive=NONE
Key 'key=SYSTEM,hive=NONE' not found
key added: key=SYSTEM,hive=NONE
Key 'key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
key added: key=CurrentControlSet,key=SYSTEM,hive=NONE
Key 'key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
key added: key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key
'key=ProductOptions,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=ProductOptions,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key 'key=Print,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added: key=Print,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key 'key=Terminal
Server,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
key added: key=Terminal
Server,key=Control,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key 'key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE' not found
key added: key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key
'key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key
'key=Parameters,key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=Parameters,key=Netlogon,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key
'key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
Key
'key=Parameters,key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE'
not found
key added:
key=Parameters,key=Alerter,key=Services,key=CurrentControlSet,key=SYSTEM,hive=NONE
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
partition_metadata: Migrating partition metadata
Adding DomainDN: DC=ad01,DC=ace-electronics,DC=be
DN: DC=ad01,DC=ace-electronics,DC=be is a NC
Adding configuration container
DN: CN=Configuration,DC=ad01,DC=ace-electronics,DC=be is a NC
Setting up sam.ldb schema
DN: CN=Schema,CN=Configuration,DC=ad01,DC=ace-electronics,DC=be is a NC
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
Setting acl on sysvol skipped
Adding DNS accounts
Creating CN=MicrosoftDNS,CN=System,DC=ad01,DC=ace-electronics,DC=be
Creating DomainDnsZones and ForestDnsZones partitions
DN: DC=DomainDnsZones,DC=ad01,DC=ace-electronics,DC=be is a NC
DN: DC=ForestDnsZones,DC=ad01,DC=ace-electronics,DC=be is a NC
Populating DomainDnsZones and ForestDnsZones partitions
See /var/lib/samba/private/named.conf for an example configuration
include file for BIND
and /var/lib/samba/private/named.txt for further documentation required
for secure DNS updates
Setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
A Kerberos configuration suitable for Samba 4 has been generated at
/var/lib/samba/private/krb5.conf
Setting up fake yp server settings
Once the above files are installed, your Samba4 server will be ready to use
Server Role: active directory domain controller
Hostname: samba1
NetBIOS Domain: ACE_DOMAIN
DNS Domain: ad01.ace-electronics.be
DOMAIN SID: S-1-5-21-177555115-702490737-1861429907
Importing WINS database
Importing Account policy
Importing idmap database
lp_load_ex: refreshing parameters
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
Processing section "[netlogon]"
Processing section "[sysvol]"
ldb_wrap open of idmap.ldb
Adding groups
Importing groups
Group already exists sid=S-1-5-32-549, groupname=Server Operators
existing_groupname=Server Operators, Ignoring.
Group already exists sid=S-1-5-32-552, groupname=Replicator
existing_groupname=Replicator, Ignoring.
Group already exists sid=S-1-5-32-546, groupname=Guests
existing_groupname=Guests, Ignoring.
Group already exists sid=S-1-5-21-177555115-702490737-1861429907-512,
groupname=Domain Admins existing_groupname=Domain Admins, Ignoring.
Group already exists sid=S-1-5-32-550, groupname=Print Operators
existing_groupname=Print Operators, Ignoring.
Group already exists sid=S-1-5-21-177555115-702490737-1861429907-513,
groupname=Domain Users existing_groupname=Domain Users, Ignoring.
Group already exists sid=S-1-5-32-544, groupname=Administrators
existing_groupname=Administrators, Ignoring.
Group already exists sid=S-1-5-32-548, groupname=Account Operators
existing_groupname=Account Operators, Ignoring.
Group already exists sid=S-1-5-21-177555115-702490737-1861429907-514,
groupname=Domain Guests existing_groupname=Domain Guests, Ignoring.
Group already exists sid=S-1-5-32-551, groupname=Backup Operators
existing_groupname=Backup Operators, Ignoring.
Group already exists sid=S-1-5-32-545, groupname=Users
existing_groupname=Users, Ignoring.
Commiting 'add groups' transaction to disk

Adding users
Importing users
User root has been kept in the directory, it should be removed in favour
of the Administrator user
Commiting 'add users' transaction to disk
Adding users to groups
Commiting 'add users to groups' transaction to disk
Setting password for administrator
Administrator password has been set to password of user 'root'

lp_load_ex: refreshing parameters
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
Processing section "[netlogon]"
Processing section "[sysvol]"
ldb_wrap open of idmap.ldb
ldb_wrap open of idmap.ldb

Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true'
and 'force unknown acl user = true' for service sysvol
unix_mode(/var/lib/samba/sysvol) returning 0777
unix_mode(/var/lib/samba/sysvol) returning 0664
unpack_nt_owners: owner sid mapped to uid 0
unpack_nt_owners: group sid mapped to gid 65533
set_nt_acl: chown /var/lib/samba/sysvol. uid = 0, gid = 65533.
Search for gidNumber=65533 gave duplicate results, failing to map to a SID!

idmapping xid_to_sid failed for id[0]=65533: NT_STATUS_NONE_MAPPED
idmapping sid_to_xid failed for id[0]=S-1-5-18: NT_STATUS_NONE_MAPPED
idmapping sid_to_xid failed for id[0]=S-1-5-18: NT_STATUS_NONE_MAPPED
idmapping sid_to_xid failed for id[0]=S-1-5-11: NT_STATUS_NONE_MAPPED
idmapping sid_to_xid failed for id[0]=S-1-5-11: NT_STATUS_NONE_MAPPED

pdb_try_account_unlock: Account root administratively locked out with no
bad password time. Leaving locked out.
idmapping sid_to_xid failed for
id[0]=S-1-5-21-177555115-702490737-1861429907-572: NT_STATUS_NONE_MAPPED
enum_group_memberships failed for
S-1-5-21-177555115-702490737-1861429907-1000: NT_STATUS_NONE_MAPPED
Fall back to unix uid lookup
idmap range not specified for domain '*'
pdb_try_account_unlock: Account root administratively locked out with no
bad password time. Leaving locked out.
idmapping sid_to_xid failed for
id[0]=S-1-5-21-177555115-702490737-1861429907-572: NT_STATUS_NONE_MAPPED
enum_group_memberships failed for
S-1-5-21-177555115-702490737-1861429907-1000: NT_STATUS_NONE_MAPPED
Fall back to unix uid lookup
idmap range not specified for domain '*'

Search for gidNumber=65533 gave duplicate results, failing to map to a SID!

idmapping xid_to_sid failed for id[0]=65533: NT_STATUS_NONE_MAPPED

Search for gidNumber=65533 gave duplicate results, failing to map to a SID!

idmapping xid_to_sid failed for id[0]=65533: NT_STATUS_NONE_MAPPED

Search for gidNumber=65533 gave duplicate results, failing to map to a SID!

idmapping xid_to_sid failed for id[0]=65533: NT_STATUS_NONE_MAPPED

Freed frame ../source3/smbd/posix_acls.c:3524, expected
../source3/passdb/pdb_samba_dsdb.c:2035.
Freed frame ../source3/modules/vfs_acl_common.c:736, expected
../source3/passdb/pdb_samba_dsdb.c:2035.

unpack_nt_owners: owner sid mapped to uid 0
unpack_nt_owners: group sid mapped to gid 65533
set_nt_acl: chown

/var/lib/samba/sysvol/ad01.ace-electronics.be/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI.

uid = 0, gid = 65533.
Search for gidNumber=65533 gave duplicate results, failing to map to a SID!

Search for gidNumber=65533 gave duplicate results, failing to map to a SID!

idmapping xid_to_sid failed for id[0]=65533: NT_STATUS_NONE_MAPPED

Search for gidNumber=65533 gave duplicate results, failing to map to a SID!

idmapping xid_to_sid failed for id[0]=65533: NT_STATUS_NONE_MAPPED

Freed frame ../source3/smbd/posix_acls.c:3480, expected
../source3/passdb/pdb_samba_dsdb.c:2035.
Freed frame ../source3/modules/vfs_acl_common.c:736, expected
../source3/passdb/pdb_samba_dsdb.c:2035.

unix_mode(/var/lib/samba/sysvol/ad01.ace-electronics.be/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE)
returning 0777
unix_mode(/var/lib/samba/sysvol/ad01.ace-electronics.be/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE)

returning 0664
unpack_nt_owners: owner sid mapped to uid 0
unpack_nt_owners: group sid mapped to gid 65533
set_nt_acl: chown

/var/lib/samba/sysvol/ad01.ace-electronics.be/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE.