[Samba] Changing PDC Domain name

Dwight Tovey dtovey at emergecore.com
Tue Oct 11 18:13:32 GMT 2005


Jeremy Allison said:
> On Tue, Oct 11, 2005 at 11:51:32AM -0600, Dwight Tovey wrote:
>> Hello all.
>>
>> What are the implications of changing the domain name for a PDC?  If I
>> understand correctly, the SID is based on the domain name, so if the
>> domain name (workgroup) setting in smb.conf is changed, will that mean
>> that a new SID will be generated?  If so, then I assume that all
>> user/group SIDs will have to be updated.  If the domain name is
>> changed, can I just state that this is an entirely new domain and all
>> users/groups/machines will have to be created fresh?
>
> The SID isn't based on the domain name, but all the indexes in the tdb's
> are based on the domain name. So if you change it on the PDC then you
> could (with effort - ie. I don't think we ship tools to
> do this) modify these indexes to use the new domain name. I don't
> think Windows clients can do this though - change the domain name
> means a new domain for them.
>
> Jeremy.

Thanks.  So if the domain name is changed, we can just declare that this
is an entirely new setup.  In that case, should I delete all the tdb's?  I
can probably delete the machine accounts from LDAP to force them to
rejoin.  Would I need to recreate or update anything in the user or group
entries?

BTW: How does the SID get generated?  At one time I wound up with a
sambaDomainName LDAP object that had a SID different from any other SID in
LDAP.  I have no idea what I did to trigger this though and I haven't been
able to duplicate it yet.

    /dwight
-- 
Dwight N. Tovey
email: dtovey at emergecore.com
---------
Work to Live : Live to Ride : Ride to Work





More information about the samba mailing list