Getting Sids instead of Usernames

ALAA_ELMAHDY
ALAA_ELMAHDY used Ask the Experts™
on
Hi,
i am getting sid's instead of user names in the security permissions.

i checked every thing ..the DNS , event viewer, no link latency , active directory is working fine and all the domain controllers are windows server 2008

i am getting this issue on a windows server 2003 file servers.

this problem is only on thous file servers.

thanks
Alaa elmahdy

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
tigermattSite Reliability Engineer
Most Valuable Expert 2011

Commented:

You would generally only see SIDs in Security Permissions if the object to which that permission refers to has been deleted from Active Directory. For example, if a user was added to those permissions and then that user was deleted, the SID no longer resolves to anything, so the SID appears in the security permissions.

If you have a multiple domain/forest topology, this can sometimes indicate an inability to contact a Global Catalog to resolve SIDs for other domain. If you do have this configuration, I'd suggest you follow best practices by simply promoting all your DCs to GCs.

-Matt

Author

Commented:
the deleted object is not the one.
the sids are translated to user names and groups after a long time of loading.
we did a cross forest migration before and we kept the sid history as we need our objects to keep accessing the shared folders on the file servers.
 
tigermattSite Reliability Engineer
Most Valuable Expert 2011

Commented:

SIDs taking a long time to load is usually indication of some connectivity issues to your Domain Controllers. Do you have a local DC on the network segment where the file servers are running, or does the network traffic have to cross a slow WAN link to reach a DC?

-Matt
How to Generate Services Revenue the Easiest Way

This Tuesday! Learn key insights about modern cyber protection services & gain practical strategies to skyrocket business:

- What it takes to build a cloud service portfolio
- How to determine which services will help your unique business grow
- Various use-cases and examples

Author

Commented:
we have 3 networks each have local DC/GC and file server.
and nothing is going through the wan.
tigermattSite Reliability Engineer
Most Valuable Expert 2011

Commented:
>> we have 3 networks

Is that 3 separate locations all part of the same domain, or 3 different domains?

Have you split your topology into separate Active Directory Sites (in the Active Directory Sites and Services) tool?

-Matt

Author

Commented:
No all are in the same domain and three sites are there each for a location.
tigermattSite Reliability Engineer
Most Valuable Expert 2011

Commented:
And where are the servers you are seeing this on? Just in one site or across all 3?

Author

Commented:
accross 2 sites (2 file servers)
tigermattSite Reliability Engineer
Most Valuable Expert 2011

Commented:
It's certainly unusual it is taking that long to resolve. What happens if you put a new permission entry in for a different user, then close and re-open the Security box? Does the new entry resolve more quickly?
i discovered it with MCS support the servers was without the service pack 2 , once i installed the service pack 2 my domain SIDs resolutions becomes very fast.
the only thing is that the SID's from the old domains needs to be removed manually from all the folders.
but thanks god....solved.
i'd like to thank you all guys.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial