Working on LDAP support in HEAD
Gerald Carter
gcarter at valinux.com
Sat May 13 13:19:52 GMT 2000
Inge-Håvard Hunstad wrote:
>
> use the profile. If you don't do this then the profile
> wont work for anyone else than the original owner. This
> tells me that the rid is stored inside the user
> profile (most likely inside the NTUser.dat/Ntuser.man).
Right.
> I just wanted to say that those who where using my
> setup where *lucky* because they didn't have to
> worry, because I did a lot of this. But I see the
> point that those who have users with local files on the NTws,
> and roaming profiles have a problem if the rid is changed.
Yup.
> I'm not sure though, why I can change the rid of a
> NT-machine in the domain and still have no problem. I
> even changed the grouprid of the machine and still no problem.
> So if there are some Samba or NT gurus out there that
> will comment on this I would be very happy:-)
The machine RID doesn't really mater i think as it is
never used in an ACL. WHen a machine joins a domain,
it remembers the domain SID from the PDC. If this changes,
the client machine will need to rejoin the domain. The
machine also has a local SID as you know. I don't personally
know of any instance where the domain RID of a machine is
used.
This is based on my own experience and should be considered
an opinion.
Cheers,
jerry
----------------------------------------------------------------------
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com VA Linux Systems gcarter at valinux.com
http://www.samba.org SAMBA Team jerry at samba.org
http://www.eng.auburn.edu/~cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-technical
mailing list