[Samba] Mommy, where do RIDs come from?

Logan Shaw lshaw at emitinc.com
Mon Jun 19 20:30:31 GMT 2006

Hey everyone,

I'm preparing for a transition in which I'll be moving
everything (PDC, WINS server, big file shares) off an old
Linux server running Samba 2.2.7 onto a much newer Linux system
running Samba 3.0.22.

In the process, I'll be switching from smbpasswd (only thing
supported under Samba 2.x, if I understand correctly) to
ldapsam on Samba 3.x.

I want to keep the same domain name and preserve SIDs for users
and machine accounts (and the domain) so that clients can just
start using the new PDC without disruption (except possible
reboot, which is OK), so my plan is to populate the password
database on the new server with the exact same usernames and
SIDs and hashes that are in use on the old server.  (I may
clean up the UIDs, though.)

However, I've noticed something odd:  /etc/samba/smbpasswd
on 2.2.7 doesn't contain any RIDs or SIDs.  And yet, if I run
rpcclient and do "lookupnames lshaw" against the 2.x server,
I can see that my (lshaw's) SID is formed of the domain SID
plus some RID that comes from somewhere.  But, *where* is
that RID coming from?  I presume it is some sort of persistent
mapping, but what stores it?  It's not in smbpasswd, because
it doesn't contain RIDs (only UIDs).  It doesn't seem to be
in any of the files /var/cache/samba/*.tdb either, but I could
be missing something.

I suppose since I can use rpcclient to get the correct SID,
this is partly just a matter of curiousity, but I think I'd
feel better if I knew what was really going on...

Also, as long as I'm asking questions, can anyone spot holes
in my idea of swapping out the PDC with a new one that has
identical data?  It seems like as long as the data is identical,
the clients should be able to transition over with no problems.
It'd be just like a client switching from a PDC to a BDC, right?

   - Logan

More information about the samba mailing list