[Samba] samba 3.0 with ldap / sambaSID
John H Terpstra
jht at samba.org
Fri Sep 12 07:49:28 GMT 2003
On Fri, 12 Sep 2003, jean-marc pouchoulon wrote:
> >Hello,
>
> >I'm lloking for a way to convert my company's existing samba2.2 ldap
> backed service to samba 3.0. What's particulary
> >making me curious is the sambaSID. As I've read it is the unique
> identifier of a PDC in the windows world. So, how does
> >samba3 generate this? Is it supposed to be changed by the admin or is
> it determined by samba on the first startup? Any >
> >pointer to a doc describing this in more depth would be apreciated.
>
> I think the ldif provide here is generated on the first creation account
> with pdbedit -a
>
> dn: sambaDomainName=DOMAIN,o=xxxx,c=fr
> sambadomainname: DOMAIN
> sambaalgorithmicridbase: 1000
> objectclass: sambaDomain
> creatorsname: cn=dir manager
> createtimestamp: 20030818142849Z
> sambasid: S-1-5-21-XXXXXXXXXX-XXXXXXX-XXXXXXXX
> modifiersname: cn=Directory Manager
> modifytimestamp: 20030818171356Z
>
> You can find sid domain with :
>
> net getlocalsid DOMAINE_NAME
> SID for domain DOMAIN is: S-1-5-21-XXXXXXXXXX-XXXXXXX-XXXXXXXXXX
>
> He is different from localsid on the same machine:
The Domain SID and the PDC SID will be the same. Here is the output of
these on my PDC:
frodo:~ # net getlocalsid
SID for domain FRODO is: S-1-5-21-1593769616-160655940-3590153233
frodo:~ # net getlocalsid MIDEARTH
SID for domain MIDEARTH is: S-1-5-21-1593769616-160655940-3590153233
C'est la vie.
Bonjour,
- jean-henri
>
> net getlocalsid
> SID for domain SERV1 is: S-1-5-21-XXXXXXXXX-XXXXXXXX-XXXXXXXX
>
> As I migrate fron an alpha version , I change it straighly in the ldap
> directory.
> I didn't find any command to change it on the ldap server except an
> ldapmodify.
> There is also a command that go back on the last sid.
>
> I have a doc ... In french.
>
>
> Jean-Marc Pouchoulon
>
>
>
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list