[Samba] samba3.0.22 - "net setlocalsid" with no effect

Friedrich Strohmaier listen_div at bits-fritz.de
Fri Apr 4 00:09:39 GMT 2008

Hi Doug, *,

again for whatever reason the listmail did not arrive in my mailbox. The
private copy did! Hmmm.

Doug VanLeuven wrote:
>Friedrich Strohmaier wrote:
>> Douglas VanLeuven wrote:
>> [..]
>>> I can't tell what you're trying to do from what you've described.
>>> It looks like you set the local machine sid and it worked.
>> It was the SID of the machine acting as PDC ..


>>>> root# net setlocalsid SID_WANTED
>>>> root#
>>>> root# net getlocalsid
>>>> SID for domain DOMAIN is: SID_WANTED

here I read wrong: DOMAIN wasn't the name of the domain but the pdc's
hostname (and netbios name).

>Might try
>~   net rpc getsid
>Which is supposed to "fetch the domain sid into the local secrets.tdb"

Tried this but it fetched SID_NOT_WANTED into secrets.tdb

>I've never used these commands.  I've always viewed them as either
>useful for recovery from crash without backup, or setting the SID of a
>backup samba PDC.

Exactly what I want to do..

> For a workstation, even if you manage to get the
> SID's to agree with a prior install, the machine password on the PDC
> and on the workstation wouldn't agree.  If it's new workstation name,
> there won't be an account for the workstation on the PDC.

Oh, apparently I did not explain well the configuration. All workstations
are Win2k boxes. The one I tried to login with is one of about twenty
waiting for the day they meet again a well prepared samba PDC offering
a domain with the same (SID) as its father(+) did. All of them hold
meanwhile locally one or more daily updated profiles which will be lost,
if I don't succeed.

> Why not simply
>~  net rpc join

Join the PDC to the "new" domain with old name?

>and allow the normal mechanisms to work?

Accidentally two workstations were joined to the "new" domain (with old
name) which caused unwanted results.

I called paid support which mentioned command
net setdomainsid

which sounds good.

I got "net getdomainsid" to work which shows the difference between
pdc's machine SID and domain's SID.

Both commands aren't listed in "man net" of samba 3.0.22 and the first
one is not recognized. :o((

I'll report further.

Your help is highly appreciated.
beste Grüße/best regards
von der/from the
Sonnenalb - Germany
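
An added example, not part of the original message and not Samba's own code: a check that tells the case described above (the PDC's machine SID was changed, the domain SID was not) apart from a real match. The SIDs, `OLDDOM`, `PDCHOST` and both function names are constructed placeholders, and the "local machine" line is an assumption about what `net getdomainsid` prints.

```shell
#!/bin/sh
# Constructed sample output (placeholder SIDs, not taken from the thread).
# The "SID for domain NAME is: SID" shape is the one quoted in the message;
# the "local machine" line is an assumption about net getdomainsid output.
SAMPLE_OUTPUT='SID for local machine PDCHOST is: S-1-5-21-1111111111-2222222222-3333333333
SID for domain OLDDOM is: S-1-5-21-4444444444-5555555555-6666666666'

# extract_sid KIND NAME: read net output on stdin and print the SID from the
# line "SID for KIND NAME is: ..." (KIND is "domain" or "local machine").
# Exits non-zero when no such line exists.
extract_sid() {
    awk -v prefix="SID for $1 $2 is: " '
        index($0, prefix) == 1 { print substr($0, length(prefix) + 1); found = 1; exit }
        END { if (!found) exit 1 }'
}

# check_domain_sid WANTED DOMAIN HOST: read net output on stdin.
#   0 = domain SID equals WANTED
#   1 = domain SID differs from WANTED
#   2 = no domain SID line for DOMAIN
#   3 = only the machine SID of HOST equals WANTED (the mix-up in this thread)
check_domain_sid() {
    wanted=$1 domain=$2 host=$3
    output=$(cat)
    domain_sid=$(printf '%s\n' "$output" | extract_sid domain "$domain") || {
        echo "no domain SID reported for $domain"; return 2; }
    if [ "$domain_sid" = "$wanted" ]; then
        echo "domain $domain has the wanted SID"; return 0
    fi
    machine_sid=$(printf '%s\n' "$output" | extract_sid "local machine" "$host") || machine_sid=
    if [ "$machine_sid" = "$wanted" ]; then
        echo "only machine $host has the wanted SID; domain $domain still has $domain_sid"
        return 3
    fi
    echo "domain $domain has $domain_sid, wanted $wanted"
    return 1
}

# Demo on the constructed sample; on a live PDC the input would come from
# "net getdomainsid" instead.
printf '%s\n' "$SAMPLE_OUTPUT" |
    check_domain_sid S-1-5-21-1111111111-2222222222-3333333333 OLDDOM PDCHOST || true
```

Running the check before any workstation is allowed to log in would catch the mismatch while it can still be corrected on the PDC alone.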

