RE: SIDS show instead of user names
- From: v-xuwen@xxxxxxxxxxxxxxxxxxxx (Vincent Xu [MSFT])
- Date: Fri, 23 Jun 2006 07:46:39 GMT
Attached is the sid2name tool
Best regards,
Vincent Xu
Microsoft Online Partner Support
======================================================
Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no rights.
======================================================
--------------------
<4cAln0blGHA.4908@xxxxxxxxxxxxxxxxxxxxx>X-Tomcat-ID: 105568129
References: <D97EA440-62A7-48DF-85BF-76B2082048E5@xxxxxxxxxxxxx>
<4F433889-5407-4A02-8E93-BEBE56FCB18A@xxxxxxxxxxxxx>
microsoft.public.win2000.active_directory:114557MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
From: v-xuwen@xxxxxxxxxxxxxxxxxxxx (Vincent Xu [MSFT])
Organization: Microsoft
Date: Fri, 23 Jun 2006 07:24:29 GMT
Subject: RE: SIDS show instead of user names
X-Tomcat-NG: microsoft.public.win2000.active_directory
Message-ID: <AcQOcYplGHA.5184@xxxxxxxxxxxxxxxxxxxxx>
Newsgroups: microsoft.public.win2000.active_directory
Lines: 213
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl
found,NNTP-Posting-Host: tomcatimport2.phx.gbl 10.201.218.182
Hi,
Thanks for your reply and clarifying.
Let's perform some troubleshooting steps:
2. Please use the tool sid2name.exe tool (attached) to
determine the name of those unknown accounts. Please run the below
one-by-one and
check the output:
Sid2name S-1-5-21-583907252-688789844-725345543-1344
Sid2name S-1-5-21-583907252-688789844-725345543-24842
Sid2name S-1-5-21-583907252-688789844-725345543-24843
Sid2name S-1-5-21-583907252-688789844-725345543-37443
Could you find the account names from sid2name.exe? If it cannot be
tothe user
accounts are probably deleted and cause this problem. If the username can
be shown
from sid2name, please search the user accounts in AD users and computers
andensure
it is there.
3. If you can find the user accounts name and it is existed in AD users
thecomputers, please help to capture netmon trace on the problematic file
server.
A. Install the built-in network monitor tools on the problematic file
server.
Windows 2000: (Add/Remove Program --> Add/Remove Windows Components -->
Management
and Monitoring Tools --> Network Monitor Tools --> no need to reboot
machine)
B. Synchronize the time between file server and DC (otherwise it is
difficult to
check in netmon)
C. Run the netmon tool on the file server.
D. Go to Capture --> Networks to choose the correct network card by MAC
address
E. Go to Capture --> Buffer Settings and set 100MB as buffer size (this
setting is
to avoid the trace overwrite itself)
F. Go to Capture --> Start to start capture the network traffic on both
machines.
G. Reproduce the problem by checking the ACL.
H. Stop the capture in network monitor after the unknown account shown.
(Please
note the system time <hh:mm:ss>, we need it to check the netmon trace)
I. Save the network trace and send to me, please also tell me the IP of
rights.machine.
my email is: v-xuwen@xxxxxxxxxxxxx
Thanks.
Best regards,
Vincent Xu
Microsoft Online Partner Support
======================================================
Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no
this======================================================
--------------------
<4cAln0blGHA.4908@xxxxxxxxxxxxxxxxxxxxx>Thread-Topic: SIDS show instead of user names
thread-index: AcaWFVZsDXP9mpt8TPuuWrsXdSUfxQ==
X-WBNR-Posting-Host: 136.167.76.86
From: =?Utf-8?B?Q2hhcmxpZQ==?= <baboon@xxxxxxxxxxxxxx>
References: <D97EA440-62A7-48DF-85BF-76B2082048E5@xxxxxxxxxxxxx>
microsoft.public.win2000.active_directory:114542Subject: RE: SIDS show instead of user names
Date: Thu, 22 Jun 2006 09:03:01 -0700
Lines: 117
Message-ID: <4F433889-5407-4A02-8E93-BEBE56FCB18A@xxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Newsgroups: microsoft.public.win2000.active_directory
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl
NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
X-Tomcat-NG: microsoft.public.win2000.active_directory
Hi Vincent -
Thanks for the response. The NBT Helper service is started and yes,
waiting.problem is persistent. It is not something that is resolved by
10If
I open a window for a group membership or ACL, I can leave it open for
andreason Iminutes and it still only shows SIDs.
I don't think it's a network issue and it is not intermittent. The
saiddon't believe it is network related is because of the following that I
usedin my post:
"I tried using the showacls command line utility and as long as it is
remotely, I DO then see the friendly names in ACLs. Also, when logged
onto the server I can see the name of my own domain account, but it is
followed by the SID."
One more thing that may or may not apply: File Server for MacIntosh is
supposed to be running on that server, but the service will not start
butboth of these problems may have started around the same time. We don't
really need FSM because the Mac users can connect using SMB instead,
IfI
friendlythought I should mention it for troubleshooting purposes.
Thanks.
"Vincent Xu [MSFT]" wrote:
Hi ,
This issue can occur because the SIDs in ACL are not resolved into
user name immediately. Therefore, there will no access denied issue.
NetBIOSthe
problem occur continually or always, please check if the TCP/IP
itenableHelper service set to disabled on the member server. If so, please
it.
If the problem happens intermittently, not very frequently, I think
Domain.is
willthe intermittent network issue. The troubleshooting process may be
time-consuming and troublesome. However, please rest assured that I
sotry my best to provide assistance.
Thanks.
Best regards,
Vincent Xu
Microsoft Online Partner Support
======================================================
Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader
rights.that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no
======================================================
--------------------
microsoft.public.win2000.active_directory:114528Thread-Topic: SIDS show instead of user names
thread-index: AcaVdane96zSt6CoQHmY7YpuCPFG0A==
X-WBNR-Posting-Host: 136.167.76.86
From: =?Utf-8?B?Q2hhcmxpZQ==?= <baboon@xxxxxxxxxxxxxx>
Subject: SIDS show instead of user names
Date: Wed, 21 Jun 2006 14:00:02 -0700
Lines: 23
Message-ID: <D97EA440-62A7-48DF-85BF-76B2082048E5@xxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Newsgroups: microsoft.public.win2000.active_directory
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl
NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
X-Tomcat-NG: microsoft.public.win2000.active_directory
I have a Windows 2000, SP4 member server in a single 2003 AD
membership,The
administratormachine is a file server and IIS public Web server.
I log on to the server with my domain account, which has
rights on the server and when I look at either a group's
addor
the
ACL on a folder, I see the SID rather than the user name.
It doesn't appear as though anyone is being denied access. If I
buta
user
to a group or ACL, I can browse through the domain list of users,
isbyonce
they are added and I click OK, they show as only a SID.
I get the same behavior if I try this from a remote machine, either
using
membership.explorer to look at ACLs or Computer Management to look at group
I tried using the showacls command line utility and as long as it
seeused
loggedremotely, I DO then see the friendly names in ACLs. Also, when
onto
followed bythe server I can see the name of my own domain account, but it is
the SID.
This problem began to happen suddenly for no apparent reason. I
nothing
in the Event Logs that gives any clue.
Does anyone have any suggestions about fixing this?
Thanks.
Attachment:
sid2name.zip
Description: Binary data
- References:
- RE: SIDS show instead of user names
- From: Vincent Xu [MSFT]
- RE: SIDS show instead of user names
- From: Charlie
- RE: SIDS show instead of user names
- From: Vincent Xu [MSFT]
- RE: SIDS show instead of user names
- Prev by Date: RE: SIDS show instead of user names
- Next by Date: Re: Eventid 5788 & 5789
- Previous by thread: RE: SIDS show instead of user names
- Next by thread: RE: SIDS show instead of user names
- Index(es):
Relevant Pages
|
Loading
