samba - May 2012 - samba4 migration problems

Am 09.05.2012 06:19, schrieb Andrew Bartlett:
>> I also found old postings with the information, that samba creates the
>> sambaSID entry
(http://lists.samba.org/archive/samba/2007-June/133330.html).
>>
>> So could it be a bug in samba? Currently we run 3.5.15.
>
> It could be a bug in whatever created a sambaNextRid value of<  1000.

Yesterday I created a machine account by hand (with the command samba uses). 
After that in LDAP is no attribute sambaSID. Then I enabled level 10 debug log 
and joined this machine. In the log I saw, that samba looks in LDAP for an 
attribute sambaNextRid in sambaDomainName=MUC,dc=mr,dc=lfmg,dc=de. Then it 
takes this number as RID for the new machine and write the old RID value 
incremented back to the attribute.

I don't know who or what filled this attribute initially with a value <
1000.
But maybe it's a good idea if samba doesn't use values < 1000 if that
makes
problems in AD later.


Regards,
Marc

Am 09.05.2012 06:19, schrieb Andrew Bartlett:
>> I also found old postings with the information, that samba creates the
>> sambaSID entry
(http://lists.samba.org/archive/samba/2007-June/133330.html).
>>
>> So could it be a bug in samba? Currently we run 3.5.15.
>
> It could be a bug in whatever created a sambaNextRid value of<  1000.

Yesterday I created a machine account by hand (with the command samba uses). 
After that in LDAP is no attribute sambaSID. Then I enabled level 10 debug log 
and joined this machine. In the log I saw, that samba looks in LDAP for an 
attribute sambaNextRid in sambaDomainName=MUC,dc=mr,dc=lfmg,dc=de. Then it 
takes this number as RID for the new machine and write the old RID value 
incremented back to the attribute.

I don't know who or what filled this attribute initially with a value <
1000.
But maybe it's a good idea if samba doesn't use values < 1000 if that
makes
problems in AD later.


Regards,
Marc