Hi all, I need help to clear a bit of confusion regarding SIDs on Samba servers. I had my PDC collapse on Thursday which wasn't too much of a problem as I had everything backed up but I'm now in the position that I have a mismatched Domain SID. If I run net getlocalsid I get the sid for the server (called smb0) and net get local sid <domain> returns the sid for the Domain. I need to recover the original domain SID but setlocalsid changes the SID for the machine. As it is, people can log onto the domain but I can't set up any new accounts or change user details with smbldap-tools. Any help appreciated, Cheers, Jools
On Sat, 2005-11-19 at 23:32 +0000, Julian Pilfold-Bagwell wrote:> Hi all, > > I need help to clear a bit of confusion regarding SIDs on Samba servers. > > I had my PDC collapse on Thursday which wasn't too much of a problem as I had > everything backed up but I'm now in the position that I have a mismatched > Domain SID. If I run net getlocalsid I get the sid for the server (called > smb0) and net get local sid <domain> returns the sid for the Domain. > > I need to recover the original domain SID but setlocalsid changes the SID for > the machine. As it is, people can log onto the domain but I can't set up any > new accounts or change user details with smbldap-tools. >---- sounds like all you need to do is run 'net setlocalsid S-1..............' with the SID the same as the PDC that collapsed Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
El sáb, 19-11-2005 a las 23:32 +0000, Julian Pilfold-Bagwell escribió:> Hi all, > > I need help to clear a bit of confusion regarding SIDs on Samba servers. > > I had my PDC collapse on Thursday which wasn't too much of a problem as I had > everything backed up but I'm now in the position that I have a mismatched > Domain SID. If I run net getlocalsid I get the sid for the server (called > smb0) and net get local sid <domain> returns the sid for the Domain. > > I need to recover the original domain SID but setlocalsid changes the SID for > the machine. As it is, people can log onto the domain but I can't set up any > new accounts or change user details with smbldap-tools. > > Any help appreciated, > > Cheers, > > JoolsHi: Similar problem here ( migration of machine/SO and upgrade to latest version ) some days ago. My 2 euro cents: Stop samba services Under a controlled environment backup /etc/samba and /var/lib/samba ( or your distro /var/<location> ) Delete all tdb posible files in both places, better delete all /var/<samba-location>/ files . Only mantain config ones Without start samba sevices change the SID using net setlocalSID SID-1-2... For me, this changed both SID, machine and samba domain to desired one. If things goes bad, you can revert to 1st situation restoring /etc/samba and /var/<samba-location> HTH Regards ______________________________________________ Renovamos el Correo Yahoo! Nuevos servicios, más seguridad http://correo.yahoo.es