I experience this problem by doing the following: 1. Start with hostnameA 2. Create some groups 3. Map them with net groupmap 4. Add these groups as ACEs to ACLs via explorer 5. Change your hostname 6. Look at the ACLs you set in step 4. Notice that the groups cannot be mapped to groupnames, but instead show as SIDs. When this happens the following is printed in log.smbd: init_sam_user_info_21A: User admin has Primary Group SID S-1-5-21-4202287564-1893543878-3578013228- 1201, which conflicts with the domain sid S-1-5-21-754054363-3587102059-2320492328. Failing operation. [2004/03/22 22:14:59, 0] rpc_parse/parse_samr.c:init_sam_user_info21A(6064) init_sam_user_info_21A: User admin has Primary Group SID S-1-5-21-4202287564-1893543878-3578013228- 1201, which conflicts with the domain sid S-1-5-21-754054363-3587102059-2320492328. Failing operation. This, according to abartlet is because we are changing the local SAM SID, when the hostname changes, and perhaps we shouldn't be doing that. I resolved my problem by doing the following: for i in `cat list of groups` do net groupmap delete $i done for i in `cat list of groups` do net groupmap add $i done /etc/rc.d/init.d/smbd restart But this, according to abartlet was "totally bogus" ;). He thinks net getlocalsid/setlocalsid should be used here, and that there should be no user intervention when this kind of things happens, which I would have to agree with.
I'm not doing that kind of Samba3 stuff any more. Reassign (sorry Jerry)
Currently this is expected behavior and documented as well. When you change the name, the local SID changes and so all the group mapping are invalidated. We could do better at this, but the current behavior is by design. Feel free to submit a patch.