[Samba] Re: Change user IDs on Samba PDC

Richard Wood richard at ukrm.co.uk
Mon Mar 5 22:38:57 GMT 2007 

On 5 Mar 2007, at 10:26PM, Marco De Vitis wrote:

> On 05/03/2007 14:23, Felipe Augusto van de Wiel wrote:
>
>> 	That's a little bit of a "hard guess". Windows can be an
>> wild environment, and profiles can be even wilder. :-)
>
> I know, I know ;).
>
>>> PS: actually, I suppose I could simple delete both Linux and  
>>> Samba users
>>> and create them again, as long as I know their passwords or  
>>> inform the
>>> "human" users that they have to enter a new password... but what  
>>> happens
>>> to their roaming profiles? Are they completely lost? Can't I  
>>> reuse them
>>> by just changing file ownerships?
>> 	There is a great chance that with new sid the workstation
>> will create a new profile, isn't anything in the Samba Official
>> HOWTO (Desktop Profile Management Chapter) about this?
>
> No, as far as I can tell this situation is not covered there; it  
> talks about migrating profiles from a NT PDC, which is somehow  
> different, and I'm missing the pieces to link it all together.
> Anyway I see mention of a "profiles" Samba tool which might be  
> useful: it changes all occurrences of a SID in a NT registry file.  
> But I strongly fear it could break something; it also only appears  
> to support NT, which probably means you're in for a headache if you  
> use it on XP profiles.
>
> Anyway, I could avoid touching the SID, if I can make the Samba  
> users keep their SIDs while changing their Linux UIDs.
> This is the first piece I'm missing: what is the link between Samba  
> users and Linux UIDs? What happens if I only change the UIDs? Can't  
> I just change some references to them in the Samba database?
>
> PS: uhm, I now also noticed that the pdbedit command has -G and -U  
> arguments which should be able to change the user/group SID for a  
> user... If the only problem is the new SID, then maybe I could  
> simply set it like the old one this way.
>
> Can anyone shed some light on this?

I've just found out you can create a new user on the linux PDC with  
the same name as the user on the Windows domain, copy all of that  
users profile data from "Documents and Settings" from their machine  
to the linux PDC profile/<username> directory (need to be logged in  
as admin to do this), do a 'chown -R <username>' on the newly copied  
files (in the profile directory on the linux PDC) and it all "just  
works".

The user logs in and everything they had is there and (seems) to work  
just fine.


<grin>



Richard

More information about the samba mailing list