[Samba] Non-algorithmic RIDs

Misty Stanley-Jones misty at borkholder.com
Fri May 20 13:42:10 GMT 2005

When I set up my initial users for the Samba domain i did not realize that 
RIDs were supposed to be dynamic.  I was creating the user as a posixAccount 
in LDAP, and then adding the Samba elements via a script  that I wrote.  
Their RIDs are the same as their UID.  For instance if I have a user with 
uidNumber 1036, her SID would be <domain-SID>-1036.  This is fine except for 
idmapping for member servers, for ACLs.  I have about 30 users with this 
problem.  Is there a non-disruptive way for me to convert their RIDs to be 
algorithmic based on their UIDs, without destroying their roaming profiles 
etc?  If not I think we will just have to deal with not being able to use 
ACLs on member servers, but I thought I would query first.  To reiterate, we 
are using a LDAP backend.


More information about the samba mailing list