[Samba] Need proper steps for correct use of net setlocalsid
David Whitney
soonerdew at gmail.com
Wed Nov 25 05:25:01 MST 2009
Hi, all.
I have discovered that I botched a migration from a 2.2.8a Samba PDC to
Samba 3.3.4; in particular the domain sid was not preserved. Users of the
domain have been authenticating presumably against cached local machine
credentials, mapping them to their old domain SIDS. That's ultimately how I
discovered the domain SID had been trashed - every machine started showing
unmapped users and groups with what I finally realized were SID's prefixed
with the old domain's SID.
Fortunately, I have the old domain SID, which leads me to believe I could
use net setdomainsid to restore it. However, having botched the migration in
the first place, I'm snakebit for some information - in particular, what,
exactly, do I need to do (if anything) prior to executing setdomainsid? Do I
need to change the group SIDs manually as well? What about the SIDS of the
individual users?
Whatever the steps are, I just want to make sure I a) know them all, and b)
execute them in the proper order.
Many thanks,
David
More information about the samba
mailing list