[Samba] Two domains on same LDAP backend

John H Terpstra jht at Samba.Org
Thu Apr 14 14:49:59 GMT 2005

On Thursday 14 April 2005 04:44, Alex Forrow wrote:
> Hi folks,
> I have two samba hosted domains at two different offices. I would like
> them to use the same LDAP backend so that the accounts are exactly the
> same. Unfortunately, it seems that a users SID is linked to the domain
> that created it, so another domain cannot authenticate the user, even if
> it can see it in the LDAP directory, because the user SID doesn't match
> the domain.
> ... 
> My latest thought would be to set the domain SIDs the same on the two
> domains, could that help?

Suggest you set both Domain SIDs the same. Did you read the "Samba-3 by 
Example" book? You can download it from:


In particular chapter 6 of the current on-line version.

- John T.

More information about the samba mailing list