[Samba] rid format in sambaSID
mike at jurney.org
mike at jurney.org
Fri Nov 14 19:18:23 GMT 2003
On Thu, 13 Nov 2003 mike at jurney.org wrote:
>
> Using ldap as my sam backend and Samba 3.0.0-2, I'm showing that samba
> stops parsing a RID when it encounters a letter. For example, I have an
> accounting group with gid 2771 and therefore rid ad3. When I list the
> groups in the samba domain, however, I get this listing:
>
> Domain Admins (DOMAINSID-512) -> Domain Admins
> Domain Users (DOMAINSID-513) -> Domain Users
> Domain Guests (DOMAINSID-514) -> Domain Guests
> marketing (DOMAINSID-0) -> marketing
> support (DOMAINSID-0) -> support
> sales (DOMAINSID-0) -> sales
> integrators (DOMAINSID-0) -> integrators
> accounting (DOMAINSID-0) -> accounting
>
> All of the groups showing RID 0 have RIDs that begin with a letter. This
> behavior applies to every entry in the SAM. What's going on here?
After discussion, it turns out that this isn't a bug - I was synthesizing
usee SIDs by appenting the _hexadecimal_ RID to the domain SID. I
modified my migration scripts to convert the (hex) rid: attribute in my
current ldap SAM to decimal, which resolved the problem.
Thanks everyone for your help.
--
Michael D. Jurney
mike at jurney.org
More information about the samba
mailing list