Where do SIDs come from?

Doug Douglass samba at denverdata.com
Mon Nov 26 11:40:09 GMT 2001


Tom,

There was a recent thread covering migrating from an NT PDC to Samba. That
should shed some general light on your undertaking.

In my rather simplistic view...the SID for your samba domain (not in TNG) is
stored in the file MACHINE.SID in the same dir as your smb.conf. If you know
the SID from your TNG server, you should be able to place this value in the
MACHINE.SID, restart samba and have it "looking like" the PDC from your TNG
domain.

But, since you said you already started adding machines to your samba PDC,
you would still have to add them back to the domain since the SID will have
changed. That being the case, I would suggest leaving TNG as your PDC and
migrate to samba for file/print sharing.

HTH,
Doug

FYI, the SID in this file is created when you tell samba it's going to be a
PDC. The SID has fields that contain things like protocl version info, etc,
and a unique number. The samba TNG docs explain this in quite some detail,
as do the SMB protocol docs, if you realyy want to get into it.

> -----Original Message-----
> From: samba-admin at lists.samba.org [mailto:samba-admin at lists.samba.org]On
> Behalf Of Tom Crummey
> Sent: Monday, November 26, 2001 11:17 AM
> To: samba at lists.samba.org
> Subject: Where do SIDs come from?
>
>
> Hello,
>
> I've got a potentially major problem:
>
> I've recently changed from samba-TNG (vintage last February) which was
> working tolerably well in our environment barring a few locking problems
> and the ever increasing tdb files and memory footprint.
>
> As our number of clients has passed 150, the amount of memory used on
> our Solaris server became unsustainable and I took the decision to migrate
> to samba-2.2.2
>
> Unfortunately, the domain SID changed (not the name, just the SID) which
> seems to mean that I have to rejoin all my systems to the domain and
> trash all my users' roaming profiles. Luckily, Win2k is giving me some
> breathing space courtesy of cached passwords and profiles, but I know
> its a race against time to sort these systems out before their normal
> users are locked out.
>
> Question 1 is: Does anyone know of a way to convert a user's profile
> so that it will work in the changed domain? Going back to TNG is not
> an option now as we have already rejoined about half our systems the
> hard way and removed many cached profiles.
>
> Question 2 is: How are the SID's made up? Could samba and samba-TNG
> agree on a formula?
>
> Tom.
>
> ------------------------------------------------------------------
> ----------
>  Tom Crummey, Systems and Network Manager,      EMAIL: tom at ee.ucl.ac.uk
>  Department of Electronic and Electrical Engineering,
>  University College London,                       TEL: +44 (0)20
> 7679 3898
>  Torrington Place,                                FAX: +44 (0)20 7388 9325
>  London, UK, WC1E 7JE.
> ------------------------------------------------------------------
> ----------
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>





More information about the samba mailing list