[Samba] Workstation SID Variability in Samba-Controlled Domains
Vincent Callanan
vincent at callanan.ie
Thu Mar 8 11:08:20 GMT 2007
Hi,
Does SAMBA regularly re-negotiate SID identity with member workstations. If
so, can this feature be disabled?
I am given to understand that Microsoft domain controllers "regularly"
re-negotiate SID updates with member workstations.
There is an understandable security premise for doing this, however, it is a
serious problem for installations which deploy workstation "self-restore"
functionality using Norton Ghost or such like. After a few weeks, the self
restore will not work because the original workstation SID is no longer
current in the server machine database. It is then necessary to re-do the
tedious domain re-join procedure, which defeats the whole purpose.
BTW, I am new to SAMBA and extremely pleased thus far!!! Thanks to you guys
for excellent work!
Regards,
Vincent Callanan
More information about the samba
mailing list