Peter Eser
2007-Jun-27 13:01 UTC
[Samba] machine account want use algorithm than sambanextrid
Was questioned before with no answer, but have the same problem: With Samba 3.0.25 with ldap backend, what can i do for using algorithm "rid 2*uid + 1000", when samba create samba attributes (sambasid) of computer account, instead of SambaNextRid from SambaDomainName entry ? Background: I create a machine account with smbldap-tools. After that a uidNumber was given to the machine. If the machine logs on the first time a samba gives a SID to the machine using SambaNextRid. If I leave the SambaNextRid base to 1000 after a while adding machines the machine SIDs are in the range of the user/group SIDs, so it would be better to use the algorithm than SambaNextRid. Thanks
On Wed, 2007-06-27 at 15:00 +0200, Peter Eser wrote:> Was questioned before with no answer, but have the same problem: > > With Samba 3.0.25 with ldap backend, what can i do for using algorithm "rid > > 2*uid + 1000", when samba create samba attributes (sambasid) of computer > account, instead of SambaNextRid from SambaDomainName entry ? > > Background: > I create a machine account with smbldap-tools. After that a uidNumber was > given to the machine. > If the machine logs on the first time a samba gives a SID to the machine > using SambaNextRid. > If I leave the SambaNextRid base to 1000 after a while adding machines the > machine SIDs are in > the range of the user/group SIDs, so it would be better to use the algorithm > than SambaNextRid.You shouldn't let smbldap tools create the SID. Samba can very well do it on its own, and that's the preferred and best way. All is need is the posixAccount to attach the sambaSamAccount to ... Simo. -- Simo Sorce Samba Team GPL Compliance Officer email: idra@samba.org http://samba.org