[Samba] Re: Chicken-and-egg problem with domain SID
Eric V. Smith
eric at trueblade.com
Wed Aug 18 20:32:51 GMT 2004
Alexander E. Patrakov wrote:
> Eric V. Smith wrote:
>
>> I'm trying to configure samba 3.0.3 from FC2 with an LDAP backend as a
>> domain controller. I'm using smbldap-tools from idealx.org. From
>> what I've read, I need to configure the domain SID in
>> /etc/smbldap-tools/smbldap.conf. But in order to generate the SID, I
>> need to be running samba on the domain controller already.
>
>
> No. The "net getlocalsid" command doesn't need a running samba server.
> So the solution is:
>
> 1) Start an empty ldap server, don't start smbd/nmbd
> 2) smbpasswd -w ldappassword
> 3) net getlocalsid - this should write the SID into ldap
> 4) adjust the SID in the smbldap scripts
> 5) populate ldap
> 6) start the SAMBA servers
>
Alexander:
Thank you very much for your response, it's very helpful. While I think
I can live with this solution, what I really want to do is to generate
the SID on a different box and push all of the config files (including
the LDAP database) over to the samba server. It appears I can just do
what net getlocalsid does and use it to populate LDAP and the smbldap
config.
Thanks again.
Eric.
More information about the samba
mailing list