nt logon error

Todd Pfaff pfaff at edge.cis.McMaster.CA
Wed Mar 3 15:10:41 GMT 1999

On Thu, 4 Mar 1999, John T Chiodi wrote:

> Yesterday I was having difficultities with smbd loading due to the fact that
> I had two .SID files.  one was created by 2.1.0-prealpha and the other
> was created by 2.0.3.  I was not sure which I should get rid of so I
> removed both and recreated the MACHINE.SID.  Does upgrading to new
> builds of 2.1.0-prealpha cause this as well?  anyway, I will now have
> to leave the domain and rejoin the domain.  Live and learn.  This
> might be something to include in the faq.
> > 
> > **do not** recreate the MACHINE.SID.  if you do all machine 
> > in the domain will be unable to logon.  If you do, all domain 
> > members will need to leave and rejoin the domain.

this is what i experienced also when i tested 2.1.0-prealpha.
it seems to have changed my MACHINE.SID file because my domain members
could no longer login until they rejoined the domain after i reverted
to 2.0.2.  but, read on...

> From: Gerald Carter <cartegw at Eng.Auburn.EDU>
> Note that Samba 2.0.x uses MACHINE.SID and the HEAD 
> branch uses WORKGROUP.SID where WORKGROUP is the value of
> the smb.conf parameter by the same name.

i think i know the source of the problem...

there is code in samba-2.1.0-prealpha, file lib/sids.c, function
generate_sam_sid(), that looks for an existing MACHINE.SID file
and renames it to domain_name.SID before creating a new SID.

so what happens if you use 2.1.0 is that MACHINE.SID is renamed to
domain_name.SID and then when you revert to 2.0.x a new MACHINE.SID
is created because this file no longer exists.

if reverting from 2.1.0 to 2.0.x, rename domain_name.SID to MACHINE.SID
after stopping 2.1.0 and before starting 2.0.x.

Todd Pfaff                         \  Email: pfaff at mcmaster.ca
Computing and Information Services  \ Voice: (905) 525-9140 x22920
ABB 132                              \  FAX: (905) 528-3773
McMaster University                   \
Hamilton, Ontario, Canada  L8S 4M1     \

More information about the samba-ntdom mailing list