I'm trying to configure samba 3.0.3 from FC2 with an LDAP backend as a domain controller. I'm using smbldap-tools from idealx.org. From what I've read, I need to configure the domain SID in /etc/smbldap-tools/smbldap.conf. But in order to generate the SID, I need to be running samba on the domain controller already. I'm trying to generate all of the config files on another machine, and copy them over to the box that will be the domain controller. Once the domain controller is configured, then I'll launch samba on it. Until that point, I'm just going to be copying configuration files to it. From reading the source, I think I can just generate a random SID by calling the equivalent of generate_random_sid(), and converting that to a string. I think I'll write my own routine to do this (probably in Python), since I'm not sure about the initialization required to call generate_random_sid() from my own program. Does this approach make sense? Am I missing a better solution? Thanks. Eric.
Alexander E. Patrakov
2004-Aug-18 08:58 UTC
[Samba] Re: Chicken-and-egg problem with domain SID
Eric V. Smith wrote:> I'm trying to configure samba 3.0.3 from FC2 with an LDAP backend as a > domain controller. I'm using smbldap-tools from idealx.org. From what > I've read, I need to configure the domain SID in > /etc/smbldap-tools/smbldap.conf. But in order to generate the SID, I > need to be running samba on the domain controller already.No. The "net getlocalsid" command doesn't need a running samba server. So the solution is: 1) Start an empty ldap server, don't start smbd/nmbd 2) smbpasswd -w ldappassword 3) net getlocalsid - this should write the SID into ldap 4) adjust the SID in the smbldap scripts 5) populate ldap 6) start the SAMBA servers -- Alexander E. Patrakov