Hi, I'm a tad confused about something. I've got a production instance of Samba running. I am trying to get a test version running on the same box, with the same SID. Without the test server running, I used "net setlocalSID <oldsid>" (the net binary is the one for the new server). Then when I issued 'net getlocalsid' it returned it. I thought I was fine. But when I issue "net groupmap list" all the SID prefixes still show the old SID. Did I do something wrong? Did it not work since I have another instance of Samba running? Is this something to be alarmed about? Also, if I do "net getlocalsid" by itself, I get the SID I expect. If I do "net getlocalsid <domainname>" I get the SID that I see in the groupmap list. Output is below: [root@furnsrv bin]# ./net getlocalsid SID for domain FURNSRV is: S-1-5-21-383998039-2845272951-4289691644 [root@furnsrv bin]# ./net getlocalsid furn SID for domain furn is: S-1-5-21-2095913833-1271187511-909365273 [root@furnsrv bin]# ./net groupmap list System Operators (S-1-5-32-549) -> -1 Domain Users (S-1-5-21-2095913833-1271187511-909365273-2007) -> everyone Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 Power Users (S-1-5-32-547) -> -1 Domain Users (S-1-5-21-2095913833-1271187511-909365273-513) -> -1 Print Operators (S-1-5-32-550) -> -1 Administrators (S-1-5-32-544) -> -1 Domain Admins (S-1-5-21-2095913833-1271187511-909365273-512) -> -1 Domain Guests (S-1-5-21-2095913833-1271187511-909365273-514) -> -1 Account Operators (S-1-5-32-548) -> -1 Domain Admins (S-1-5-21-1470575258-2074721094-725182960-512) -> -1 Domain Admins (S-1-5-21-2095913833-1271187511-909365273-2021) -> admins Domain Users (S-1-5-21-1470575258-2074721094-725182960-513) -> -1 Backup Operators (S-1-5-32-551) -> -1 Users (S-1-5-32-545) -> -1 Domain Guests (S-1-5-21-1470575258-2074721094-725182960-514) -> -1 On a side note, the syntax "mangle case = yes" is no longer recognized in smb.conf. I have looked in the 3.0.6 man pages and the syntax appears to be correct. Misty
Misty Stanley-Jones
2004-Aug-25 15:57 UTC
[FIXED] (mostly)Re: [Samba] "net setlocalsid" question
Forgive me for responding to my own question. I believe I have found the problem. The groupmaps existed by default, the unixgroup part was just missing. So the whole time, I was supposed to be using "net groupmap modify sid=<blah> unixgroup=<bleh>" instead of "net groupmap add" for groups that already existed. Forgive the newbie for cluttering the list. Still curious about the mangle case parameter though. Misty On Wednesday 25 August 2004 10:40, Misty Stanley-Jones wrote:> Hi, > > I'm a tad confused about something. I've got a production instance of > Samba running. I am trying to get a test version running on the same box, > with the same SID. Without the test server running, I used "net > setlocalSID <oldsid>" (the net binary is the one for the new server). Then > when I issued 'net getlocalsid' it returned it. I thought I was fine. But > when I issue "net groupmap list" all the SID prefixes still show the old > SID. Did I do something wrong? Did it not work since I have another > instance of Samba running? Is this something to be alarmed about? Also, > if I do "net getlocalsid" by itself, I get the SID I expect. If I do "net > getlocalsid <domainname>" I get the SID that I see in the groupmap list. > Output is below:<snipped>> Misty