Samba 4.7.9 dbcheck error

dc01:~# ldbsearch -H /var/lib/samba/private/sam.ldb '(objectClass=domain)' objectSid
# record 1
dn: DC=xx,DC=xx,DC=xx
objectSid: S-1-5-21-3258148492-1502286889-3538134041

dc01:~# ldbsearch -H /var/lib/samba/private/sam.ldb '(&(objectClass=rIDSet)(cn=RID Set))' rIDAllocationPool
# record 1
dn: CN=RID Set,CN=DC01,OU=Domain Controllers,DC=xx,DC=xx,DC=xx
rIDAllocationPool: 2100-2599

# record 2
dn: CN=RID Set,CN=DC02,OU=Domain Controllers,DC=xx,DC=xx,DC=xx
rIDAllocationPool: 1600-2099


Am 26.09.18 um 15:15 schrieb Rowland Penny via samba:
On Wed, 26 Sep 2018 14:29:24 +0200
Daniel Jordan <d.jordan@xxxxxx> wrote:

You're right, the 'S-1-5-21-3258148492-1502286889-3538134041-1601' is
the SID for fs01. The system only exists 'OU=Server' as I moved it
from 'OU=Computer'
for organisational purposes. I could also move it back to the
'Computer' OU, but the error existed before the move, so this
probably won't have any impact.

Run the following commands on dc01:

ldbsearch -H /var/lib/samba/private/sam.ldb '(objectClass=domain)' objectSid

ldbsearch -H /var/lib/samba/private/sam.ldb '(&(objectClass=rIDSet)(cn=RID Set))' rIDAllocationPool

The first should display the domain SID, it should match the one in your first post.
The second should display the rid pool(s).

Ensure that 'sam.ldb' is in '/var/lib/samba/private', if not change to correct path.


