Announcement

Collapse
No announcement yet.

SID/NAME conversion problem

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SID/NAME conversion problem

    Hello,

    I have a 2000 SP4 file server.
    It used to be a domain controller but now it's demoted to member server.

    If I check the file => security properties of the hosted files I see only the SID (number) instead of the Active directory name.

    I googled and found out that this could be a problem in the local security policy but this isn't the problem. (no such setting there)
    http://www.microsoft.com/resources/d...en-us/623.mspx

    Files on other servers show the act. dir. name, so the problems is locally on the 2000 SP4 server.

    Who has an idea ?

    Thanks

    Hans

  • #2
    The sid-to-name resolving happens on the DC. So, it looks like this member server can no longer reliably find a DC. Things to check:

    - is the DNS client in TCP/IP pointing to a working DC/DNS?
    - is the member server still a valid domain member? You might have to reset its account

    Comment


    • #3
      Does that happen with all the ACEs including well known security principals and local accounts/groups (SYSTEM, Everyone, Administrators, etc..) or only with ACEs that contain domain accounts ?
      Guy Teverovsky
      "Smith & Wesson - the original point and click interface"

      Comment


      • #4
        That's right, the computer checks to see which authentication domain the SID belongs to. If the SID belongs to itself, or is truly generic (SELF, Anonymous, etc) it will not go out to any DC.

        Comment

        Working...
        X