I'm using Samba 2.2.8a. Here's my scenario. I have a PDC box "willie1" that I want to replace with a stronger box "willie2". I run the command willie2# smbpasswd -r willie1 -S and transfer willie1's SIDs to willie2. I take down willie1 and willie2 then rename willie2 to willie1. I do this so I can keep my current scripts and policies which have the willie1 name hardcoded into them. It appears the name change from willie2 to willie1 broke the SIDs. No users can login to my clients. Those who can login (via a client login data cache of some sort) do not get policy transfers or their Z: home directory. The domain is definitely broken. Is there any way to keep a PDC name and transfer the SID's and avoid having to go to each client and join the new PDC domain? The only possible method I can think of is to add a third box to the transfer. willie1 -> temp_box take down willie1 rename willie2 to willie1 temp_box -> willie1 Is this the only way to accomplish this? Regards, Randy Parker Dallas, Texas
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 23 Apr 2003, Randy Parker wrote:> It appears the name change from willie2 to willie1 broke > the SIDs. No users can login to my clients. Those who > can login (via a client login data cache of some sort) > do not get policy transfers or their Z: home directory. > The domain is definitely broken.I just looked and this code is a little confusing. Try this. Start smbd (generates the local machine SID). Stop smbd Run smbpasswd -r willie1 -S to set the domain SID Start smbd (this should copy the domain SID to the local machine SID) If you migrate the domain SID onto a fresh secrets.tdb, smbd will overwrite the domain SID when it generates it's local machine SID. cheers, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+p1mCIR7qMdg1EfYRArnbAJwNjtW0VgWpFJyWQ3HiGP2kJh+YwACfYepy RcNQm4ezcNNBI+7bhnlbXy8=dDm8 -----END PGP SIGNATURE-----