Working on LDAP support in HEAD

Gerald Carter gcarter at
Sat May 13 13:19:52 GMT 2000

Inge-Håvard Hunstad wrote:
> use the profile. If you don't do this then the profile 
> wont work for anyone else than the original owner. This 
> tells me that the rid is stored inside the user 
> profile (most likely inside the NTUser.dat/


> I just wanted to say that those who where using my 
> setup where *lucky* because they didn't have to 
> worry, because I did a lot of this. But I see the 
> point that those who have users with local files on the NTws,
> and roaming profiles have a problem if the rid is changed.


> I'm not sure though, why I can change the rid of a 
> NT-machine in the domain and still have no problem. I 
> even changed the grouprid of the machine and still no problem. 
> So if there are some Samba or NT gurus out there that 
> will comment on this I would be very happy:-)

The machine RID doesn't really mater i think as it is 
never used in an ACL. WHen a machine joins a domain,
it remembers the domain SID from the PDC.  If this changes,
the client machine will need to rejoin the domain.  The 
machine also has a local SID as you know.  I don't personally
know of any instance where the domain RID of a machine is 

This is based on my own experience and should be considered 
an opinion.

   /\  Gerald (Jerry) Carter                     Professional Services
 \/    VA Linux Systems  gcarter at      SAMBA Team            jerry at

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )

More information about the samba-technical mailing list