[Samba] PDC migration from samba-tng to samba 3
Scott Hanson
hanson at netlife.de
Fri Apr 2 12:42:17 GMT 2004
Thanks... that's the information that I was missing. LDAP is overkill
for our installation, but setting the SID explicitly seems to work with
tdbsam as well.
Regards,
Scott
Andrew Bartlett wrote:
> On Fri, 2004-04-02 at 05:05, Scott Hanson wrote:
>
>>Hello,
>>
>>I have inherited a samba-tng PDC (without ldap) that I am to upgrade to
>>samba 3. My first attempt failed miserably. I copied over the smbpasswd
>>and the domain SID, users were able to log in, but most were not able to
>>load their profiles.
>>
>>I think I have to copy over machine IDs, but I'm not sure how to
>>proceed. The migration section of the the howto doesn't seem to apply to
>>tng at all. Any tips or pointers on how to proceed?
>
>
> The problem is almost certainly that the the RID portion of thier SID
> has changed.
>
> This is because Samba-TNG sets it's algorithmic rid system to use:
>
> /* Take the bottom bits. */
> #define RID_MULTIPLIER 4
>
> Samba.org has always used a value of 2. To fix this, figure out the
> user's real RID
>
> == (uid * RID_MULTIPLIER)+1000
>
> and move your passdb to LDAP (pdb_ldap), where you can set the value
> explicitly (sambaSid). Samba 3.0 will then honour the existing SIDs, in
> the same way is honours sids from an NT domain migration.
>
> Andrew Bartlett
>
More information about the samba
mailing list