[Samba] RID/SIDs

Fri Jan 28 16:26:32 GMT 2005

Hi,

does this mean that, in an ads domain, the net getlocalsid command must
return the sid of the ads domain ?

Thanks for your answers,

Christian

> -----Message d'origine-----
> De : samba-bounces+christian.haessig=ircad.u-strasbg.fr at lists.samba.org
> [mailto:samba-bounces+christian.haessig=ircad.u-strasbg.fr at lists.samba.o
> rg]De la part de John H Terpstra
> Envoyé : vendredi 28 janvier 2005 17:08
> À : samba at lists.samba.org; Daniel Corbe
> Objet : Re: [Samba] RID/SIDs
>
>
> On Friday 28 January 2005 07:52, Daniel Corbe wrote:
> > Hey
> >
> > Can someone point me to a FAQ or an RTFM on what SIDs and RIDs are and
> > how to generate them properly?
>
> The SID is generated automatically by Samba. If you change a
> Samba server name
> or workgroup name a new SID will be generated. This is a strong
> argument in
> favor of backing up the SID. You can obtain the SID of the Samba
> server by
> executing:
>
> 	net getlocalsid
> 	SID for domain FRODO is: S-1-5-21-726309263-4128913604-1168186429
>
> The SID can be restored by executing:
> 	net setlocalsid S-1-5-21-726309263-4128913604-1168186429
>
> In a Windows NT4 or ADS domain the RID is generated as the
> account is created.
> The user SID = domain_SID+RID, in the above case the SID for my
> user account
> is S-1-5-21-726309263-4128913604-1168186429-4214.
>
> Samba uses an algorithm to create a RID from the users UID. The default
> algorithm is:   RID = (UID x 2) + 1000
>
> The best source of documentation for how this is handled in Samba
> is in the
> source code.
>
> - John T.
> --
> John H Terpstra
> Samba-Team Member
> Phone: +1 (650) 580-8668
>
> Author:
> The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
> Samba-3 by Example, ISBN: 0131472216
> Hardening Linux, ISBN: 0072254971
> Other books in production.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba