Samba4 - set the SID/RID on a new user

Charles Tryon charles.tryon at gmail.com
Mon Nov 8 12:51:51 MST 2010


  I'm not sure if this is the correct list to ask this, but I have been
doing some work with Samba4.  I have an existing Samba3 instance running on
top of a Fedora 389 LDAP service, which I would like to move over to a
Samba4 server.

  My question is: Is there any way to script the setup of the SID/RID for a
user either as you add him/her (using samba_tool) or after the fact, with
LDAP command tools?  I have set the server SID in the provisioning step, so
that much is correct, but the system assigns me the next available RID by
itself, rather than giving me any way to set it.  I need to migrate the
users such that they have the same SID, so that when I swap servers, they
client will end up using the same profile on their local computer, rather
than starting over again from scratch...

  I tried to use the examples/LDAP/convertSambaAccount tool, but that didn't
seem to do anything to the LDIF file I gave it.  I have tried to use
ldapmodify, but it always complains, saying that I can't specify the user
SID (even when I go through the trouble of generating the base64 encoded
binary version of the SID).

  (I am currently following the Samba4 HOWTO Wiki at:
http://wiki.samba.org/index.php/Samba4/HOWTO, and building from the "git"
repository.  The system seems to be working well, but I've spent weeks
trying to find an answer to this on Google, but have turned up empty so
far.)



-- 
    Charles Tryon
_________________________________________________________________________
      "It's the job that's never started that takes longest to finish."
                                 -- Samwise Gamgee


More information about the samba-technical mailing list