[Samba] pdbedit -U -- recreating a set of Domain users...

Chris Hall chris.hall at halldom.com
Fri Jul 13 17:16:06 GMT 2007


Samba 3.0.25b.  tdbsam.  PDC

Since upgrading my PDC has stopped working correctly.  It may never have
been quite right...  I was running winbindd, which I understand was a
mistake.  But now it's worse.

So...  I thought I'd start the configuration from scratch.  I've
discarded all the configuration files, including passdb.tdb and
secrets.tdb.

I have set up a new secrets.tdb with the original domain SID.

I have restored all the group mappings.

I cannot restore the user and machine accounts with the previous SID/RID
values.  For the first account to be restored I do:

  pdbedit -am -U 1414 -u agrotera$

but pdbedit seems to ignore the -U parameter and gives a RID -1000.

I can do:

  pdbedit -r -U 1414 -u agrotera$

which fixes the RID, but pdbedit then complains about not being able to
find RID_00000586 key.

AFAIKS the passdb.tdb contains RID to UNIX name as well as UNIX name to
SID translation.  -r doesn't seem to fix the first !!

If there was a way to edit .tdb files, I'd do that.

Where do I go from here ?

Chris
-- 
Chris Hall   @ Home                                  +44 (0)7970 277 383


More information about the samba mailing list