[Samba] Re: samba Digest, Vol 55, Issue 18
dkrnic at googlemail.com
Wed Jul 18 14:07:24 GMT 2007
What's wrong with WARLOCK?
Just kidding. If you don't like it, change it, but do expect problems.
It's not something you will find a recipee for in a How-to book.
The SETLOCALSID changes only the LOCAL SID, not the
GLOBAL SID, for which we would probably need SETGLOBALSID.
When I faced the same problem, I did something really wrong
but it worked. I copy-pasted the LOCAL SID to the GLOBAL SID
Now in your case, it would probably be even easier to just think up
a new 7-letter word to overwrite the current name in both "smb.conf"
Unfortunately WARLOCK is also tatooed in several places in each
client's registry. Hopefully, pasting over the new name with a .reg script
will obviate the need to re-join the domain. Try it out, when there is no
one to disturb. Back up "/etc/samba" and "/var/lock/samba" with smb
and nmb stopped so that you can back out of it if necessary.
> From: Didster <didster at gmail.com>
> To: samba at lists.samba.org
> Date: Tue, 17 Jul 2007 12:31:52 +0100
> Subject: [Samba] Changing domain name
> For reasons best known to the IT admin before myself, we currently
> have a domain name of WARLOCK. I want to change this. We have about
> 15 WinXP Pro client machines on the domain as well as a few linux
> domain clients.
> A bit of reading shows that it should be as simple as doing a net
> getlocalsid, making the change, followed by a net setlocalsid.
> I started doing this when I noticed something [The PDC machine name is North]:
> north:~# net getlocalsid
> SID for domain NORTH is: S-1-5-21-2864586203-3687421127-69847892
> north:~# net getlocalsid WARLOCK
> SID for domain WARLOCK is: S-1-5-21-403220451-921850273-241492889
> According to this in the how to: Chapter 13. Remote and Local
> Management: The Net Command
> "First, do not forget to store the local SID in a file. It is a good
> idea to put this in the directory in which the smb.conf file is also
> stored. Here is a simple action to achieve this:
> root# net getlocalsid > /etc/samba/my-sid
> Good, there is now a safe copy of the local machine SID. On a PDC/BDC
> this is the domain SID also."
> It says that on a PDC, it should give the domain SID. So, why on my
> PDC do I get different results for getlocalsid and getlocalsid
> <DOMAINNAME WHICH NORTH IS PDC FOR>?
> I'm probably being stupid, but worried if I change the domain name,
> and do a "setlocalsid S-1-5-21-403220451-921850273-241492889" it will
> just change the SID of the machine, and I wont be able to restore the
> domain SID.
More information about the samba