thr3ads.net - samba - [Samba] Duplicate SID for Root and Samba Server Machine Name [Mar 2007]

If this information is useful, please help other people find it:
Share via:

Jason Baker

2007-Mar-02 14:24 UTC

[Samba] Duplicate SID for Root and Samba Server Machine Name

I have a samba PDC with LDAP backend running on CentOs 4. Everything is 
working fine, but my log watch report showed two users with the same 
SID. I checked it out and it appears that ROOT and the samba machine 
ASTER$ both have the same SID.
If I do a pdbedit -Lv I get this:
---------------
Unix username: aster$
NT username: aster$
Account Flags: [W ]
User SID: S-1-5-21-1194936901-2368177035-684874509-1000
Primary Group SID: S-1-5-21-1194936901-2368177035-684874509-515
<snip>

---------------
Unix username: root
NT username: root
Account Flags: [U ]
User SID: S-1-5-21-1194936901-2368177035-684874509-1000
Primary Group SID: S-1-5-21-1194936901-2368177035-684874509-513
<snip>

I'm know enough to change the SID, but should I change the ROOT SID to 
S-1-5-21-1194936901-2368177035-684874509-0? The UNIX UID # for Root is 
0. Could this also explain why I cannot join a machine to the domain 
using the client workstation?

-- 

*Jason Baker
*/IT Coordinator/


*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>

-----BEGIN GEEK CODE BLOCK----- 
Version: 3.1
GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
w !O M !V PS PE- Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h--- 
r+++ y+++
------END GEEK CODE BLOCK------

Gerald (Jerry) Carter

2007-Mar-02 14:35 UTC

head link

[Samba] Duplicate SID for Root and Samba Server Machine Name

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jason Baker wrote:
> I'm know enough to change the SID, but should I change 
> the ROOT SID to S-1-5-21-1194936901-2368177035-684874509-0?
> The UNIX UID # for Root is 0. Could this also explain why I cannot
> join a machine to the domain using the client workstation?
You are correct in that the duplicate SID is the problem.
But how did the machine account get a RID of 1000 ?
Is there anything odd about your setup?




cheers, jerry
====================================================================Samba       
------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF6DYcIR7qMdg1EfYRAng3AKCFKuZe39dly/6EdgnX9v28dJi9lACfS9Ck
b1iTQiQwETZNhvpPR4UNB38=DTzN
-----END PGP SIGNATURE-----

Seemingly Similar Threads

Search for more seemingly similar threads

samba - Mar 2007 - Duplicate SID for Root and Samba Server Machine Name

[Samba] Duplicate SID for Root and Samba Server Machine Name

[Samba] Duplicate SID for Root and Samba Server Machine Name

Seemingly Similar Threads