Adding a couple of simple functions to smbpasswd for Samba 2.2.8
rsharpe at richardsharpe.com
Thu Jan 30 18:12:22 GMT 2003
If a user changes the NetBIOS name of their Samba PDC, or the DNS name,
when they have not set a NetBIOS name, their SID will change, and
workstations that have joined the domain will not be able to log on.
This is because Samba uses the NetBIOS/DNS name to determine if it should
generate a SID. There is a small discussion of this up on
Between Volker Lendeke and I, we have added support to Samba Head and
3.0.0 that allows you to retrieve the old SID, which is still in the
secrets.tdb file, and place the SID into the correct entry in the
secrets.tdb if you ever get into that problem.
Now, I was thinking of doing something similar for Samba 2.2.8. This will
involve modifying smbpasswd. For reasons of code simplicity, I have
abandoned my earlier thoughs of using 'smbpasswd -L -S <dom>' to retrieve
the old SID and something similar to set the SID.
Instead, I propose:
smbpasswd -X <dom>
to eXtract the old SID
msbpasswd -W S-1-5-21-x-y-z
to Write the new SID as the domain SID for the current domain into the
These are not a lot of coding, should not destabalize any existing code,
and will save at least some people some pain.
Are there any comments?
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
More information about the samba-technical