Samba3 + OpenLdap classicupgrade problems - Administrator sambaSID != *-500

Michael Wood esiotrot at
Sat Apr 12 11:14:28 MDT 2014

But then presumably you could rename the existing Administrator account to
OldAdministrator and then create another account called Administrator with
the expected SID?

Michael Wood
On 12 Apr 2014 4:54 PM, "Marc Muehlfeld" <samba at> wrote:

> Hello Kamen,
> Am 12.04.2014 13:40, schrieb Kamen Mazdrashki:
>> Just change the SID of your Administrator account in your ldap tree before
>>> start classic upgrade
>>> In your case, S-1-5-21-2051375009-2767682937-3133487178-2024 must become
>>> S-1-5-21-2051375009-2767682937-3133487178-500
>>>  I see you have done this before in mailing list and I wonder what
>> side-effects should
>> I expect from changing sambaSID in OL? I am testing with very basic
>> installation
>> and I have no sane way to verify for implications from such change.
> E. g. if you have a Windows machine, where you have put the administrator
> account into share or filesystem permissions, this would get lost. Windows
> store the SID instead of username/groups in it's ACLs.
> Regards,
> Marc

More information about the samba-technical mailing list