[Samba] Duplicate sambaSID - How to avoid?

Roger Eisenecher roger.eisenecher at icer.ch
Tue Nov 1 16:50:01 GMT 2005

Hash: SHA1

Hi List

We habe about 150 Clients in our network. All clients are participants
of the domain. We deploy our images with Ghost. The image is prepared
with SYSPREP which will generate a new SID on the first boot of the
machine. We automated the process to join the machines automatically to
our domain with some tools. Our Domain server runs with samba 3.0.13,
OpenLDAP as the backend and smbldap-tools. In most cases the machines
could join the domain without any problems. But sometimes samba tries to
join them with an already existing sambaSID so the join will fail. The
corresponding entries in the log file looks like:

[2005/11/01 16:11:57, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1795)
  ldapsam_add_sam_account: SID
'S-1-5-21-3654624081-408594837-1692793938-3108' a
lready in the base, with samba attributes
[2005/11/01 16:11:57, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2350)
  could not add user/computer sysw2130$ to passdb.  Check permissions?
[2005/11/01 16:11:58, 0] lib/util_sock.c:write_socket_data(430)

And yes, samba is right: The given sambaSID exists already in LDAP for
another machine. So my question: Could someone explain me how the
sambaSID will be calculated? How could it happen that two different
machines get the same sambaSID?

Any suggestions are very welcome ;-)

kindly regards

Version: GnuPG v1.2.4 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the samba mailing list