Very probably, when you 'rename' something, you just rename the names
(and then not all of them), so your newly renamed domain will probably
have the same domain SID as the old one.
Rowland
Ok so why does this not work... Or any combination .
net getdomainsid
SID for domain ORG is: S-1-5-21-1054434277-4207674981-198073344
rm -rf /usr/local/samba/private/secrets.tdb
net setdomainsid S-1-5-21-1154434277-4207674981-198173344
net setlocalsid S-1-5-21-1154434277-4207674981-198173344
net getdomainsid
SID for domain ORG is: S-1-5-21-1054434277-4207674981-198073344
tdbdump /usr/local/samba/private/secrets.tdb
{
key(16) = "SECRETS/SID/DC01"
data(68) =
"\01\04\00\00\00\00\00\05\15\00\00\00\E5D\CFDe\06\CC\FA\A0\E2\CF\0B\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"
}
{
key(15) = "SECRETS/SID/ORG"
data(68) =
"\01\04\00\00\00\00\00\05\15\00\00\00\E5D\CFDe\06\CC\FA\A0\E2\CF\0B\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"
}
Thanks
On 09/02/2023 09:20, itdept_head via samba wrote:> > Very probably, when you 'rename' something, you just rename the names > (and then not all of them), so your newly renamed domain will probably > have the same domain SID as the old one. > > > Rowland > > > Ok so why does this not work... Or any combination .Probably because the tools you are using were written to be used against non AD domains The SID is what identifies the domain, but (and I have never renamed a domain) I am sure that when you renamed the domain, the SID was not changed, you didn't create a new domain, you just changed its name. If you do somehow manage to change the domain SID, then you will have a totally new domain and will probably have to rejoin all the clients. If your NAS was joined to the old domain name, it is possible that just changing its domain name will all you need to do. If the domain rename worked correctly, then the NAS records in AD should have changed as well. Have you created a new dns forward zone in AD ? Rowland