Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

SID/NAME conversion problem

  • Filter
  • Time
  • Show
Clear All
new posts

  • SID/NAME conversion problem


    I have a 2000 SP4 file server.
    It used to be a domain controller but now it's demoted to member server.

    If I check the file => security properties of the hosted files I see only the SID (number) instead of the Active directory name.

    I googled and found out that this could be a problem in the local security policy but this isn't the problem. (no such setting there)

    Files on other servers show the act. dir. name, so the problems is locally on the 2000 SP4 server.

    Who has an idea ?



  • #2
    The sid-to-name resolving happens on the DC. So, it looks like this member server can no longer reliably find a DC. Things to check:

    - is the DNS client in TCP/IP pointing to a working DC/DNS?
    - is the member server still a valid domain member? You might have to reset its account


    • #3
      Does that happen with all the ACEs including well known security principals and local accounts/groups (SYSTEM, Everyone, Administrators, etc..) or only with ACEs that contain domain accounts ?
      Guy Teverovsky
      "Smith & Wesson - the original point and click interface"


      • #4
        That's right, the computer checks to see which authentication domain the SID belongs to. If the SID belongs to itself, or is truly generic (SELF, Anonymous, etc) it will not go out to any DC.