On Tue, 2004-02-10 at 04:26, Michael Gasch wrote:> hi@all
>
> just for my understanding:
>
> in a samba 3.0 domain (samba 3.0 as pdc with ldap), i thought each
> machine, joining the domain, gets the SID
>
> $DOMAINSID-RID - whether in LDAP or the machine itself
>
> but when i check the SID of a machine account (for example locally on a
> windows xp client), it shows up a different SID (checked with psgetsid),
> but it can join/connect/browse the domain like a charme ???
>
> how is this possible?
> needn't be the machine SID the same as the DOMAIN SID (of course
> including the RID) ???
>
> or holds the machine another (local) SID??
Each machine is it's own domain, and has it's own domain sid. It's
trust account on the DC has a different SID, on the server's domain.
Andrew Bartlett
--
Andrew Bartlett abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet@samba.org
Student Network Administrator, Hawker College abartlet@hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20040210/785bf2f0/attachment.bin