[Samba] UID of the windows Domain Administrator user?

Fabio Muzzi liste at kurgan.org
Sat Jun 4 13:19:59 GMT 2005

Hello Stéphane,

Saturday, June 4, 2005, 2:02:28 PM, you wrote:

SP> For joining a machine to domain, you must have a user with uid = 0.
SP> But, begin with samba 3.0.11, the privileges can be used for use a other
SP> user than root (uid = 0)
SP> You can read more information in this pages : 
SP> http://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/rights.html

Yes, i have read this even if i have not yet tried it.

What I have not understood is why do I *need* an user with a SID ending in
500  (as  the  howto  says),  because  I  have never had one, and I had no
problems  at  all. The howto says I need one, but id does not say why, and
what happens id I don't have one.

SP> The "root" user is only used for that, but after joining a domain,
SP> changing the SID cause no problem.

You  say that I can change the SID of a domain user and the clients will not get
confused by this change?

SP> Actually, on my network I not enabled privileges (in my test network :
SP> yes  and  that  work). But, I use root user only for adding machine to
SP> domain,  for  the  rest of administration, I have a administrator user
SP> with  SID  =  S-1-5-21-xxxxxx-xxxx-xxxx-500  and  groupSID           =
SP> S-1-5-21-xxxxxx-xxxxx-xxxxx-512

Well, this seems to be a good idea anyway.


  Fabio "Kurgan" Muzzi

More information about the samba mailing list