[Samba] Changing PDC Domain name
dtovey at emergecore.com
Tue Oct 11 18:13:32 GMT 2005
Jeremy Allison said:
> On Tue, Oct 11, 2005 at 11:51:32AM -0600, Dwight Tovey wrote:
>> Hello all.
>> What are the implications of changing the domain name for a PDC? If I
>> understand correctly, the SID is based on the domain name, so if the
>> domain name (workgroup) setting in smb.conf is changed, will that mean
>> that a new SID will be generated? If so, then I assume that all
>> user/group SIDs will have to be updated. If the domain name is
>> changed, can I just state that this is an entirely new domain and all
>> users/groups/machines will have to be created fresh?
> The SID isn't based on the domain name, but all the indexes in the tdb's
> are based on the domain name. So if you change it on the PDC then you
> could (with effort - ie. I don't think we ship tools to
> do this) modify these indexes to use the new domain name. I don't
> think Windows clients can do this though - change the domain name
> means a new domain for them.
Thanks. So if the domain name is changed, we can just declare that this
is an entirely new setup. In that case, should I delete all the tdb's? I
can probably delete the machine accounts from LDAP to force them to
rejoin. Would I need to recreate or update anything in the user or group
BTW: How does the SID get generated? At one time I wound up with a
sambaDomainName LDAP object that had a SID different from any other SID in
LDAP. I have no idea what I did to trigger this though and I haven't been
able to duplicate it yet.
Dwight N. Tovey
email: dtovey at emergecore.com
Work to Live : Live to Ride : Ride to Work
More information about the samba