[Samba] RID/SIDs
John H Terpstra
jht at Samba.Org
Fri Jan 28 16:08:08 GMT 2005
On Friday 28 January 2005 07:52, Daniel Corbe wrote:
> Hey
>
> Can someone point me to a FAQ or an RTFM on what SIDs and RIDs are and
> how to generate them properly?
The SID is generated automatically by Samba. If you change a Samba server name
or workgroup name a new SID will be generated. This is a strong argument in
favor of backing up the SID. You can obtain the SID of the Samba server by
executing:
net getlocalsid
SID for domain FRODO is: S-1-5-21-726309263-4128913604-1168186429
The SID can be restored by executing:
net setlocalsid S-1-5-21-726309263-4128913604-1168186429
In a Windows NT4 or ADS domain the RID is generated as the account is created.
The user SID = domain_SID+RID, in the above case the SID for my user account
is S-1-5-21-726309263-4128913604-1168186429-4214.
Samba uses an algorithm to create a RID from the users UID. The default
algorithm is: RID = (UID x 2) + 1000
The best source of documentation for how this is handled in Samba is in the
source code.
- John T.
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668
Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
More information about the samba
mailing list