[Samba] samba3.0.22 - "net setlocalsid" with no effect

Doug VanLeuven roamdad at sonic.net
Fri Apr 4 06:50:49 GMT 2008


Friedrich Strohmaier wrote:
> Hi Doug, *,
>
> again for whatever reason the listmail did not arrive in my mailbox. The
> private copy did! Hmmm.
>
> Doug VanLeuven schrieb:
>   
>> Friedrich Strohmaier wrote:
>>     
>>> Douglas VanLeuven schrieb:
>>>
>>> [..]
>>>
>>>       
>>>> I can't tell what you're trying to do from what you've described.
>>>> It looks like you set the local machine sid and it worked.
>>>>         
>>> It was the SID of the machine acting as PDC ..
>>>       
>
> [..]
>
>   
>>>>> root# net setlocalsid SID_WANTED
>>>>> root#
>>>>>
>>>>> root# net getlocalsid
>>>>> SID for domain DOMAIN is: SID_WANTED
>>>>>           
>
> here I read wrong: DOMAIN was'nt the Name of the domain but the pdc's
> hostname (and netbios name).
>
>   
>> Might try
>> ~   net rpc getsid
>> Which is supposed to "fetch the domain sid into the local secrets.tdb"
>>     
>
> Tried this but it fetched SID_NOT_WANTED into secrets.tdb
>
>   
>> I've never used these commands.  I've always viewed them as either
>> useful for recovery from crash without backup, or setting the SID of a
>> backup samba PDC.
>>     
>
> Exactly what I want to do..
>
>   
I used a VM machine, FC5, samba-3.0.23c-1.fc5 because it's the scratch 
machine I have.
Here's what I did to reset the SID of the new PDC (hoping that's what 
you want to do)

#On the PDC, smbd, nmbd, & winbind stopped.

[root at pine-fc4 ~]# testparm -sv 2>&1|less
..
Server role: ROLE_DOMAIN_PDC
..

[root at pine-fc4 ~]# service smb start
Starting SMB services:                                     [  OK  ]
Starting NMB services:                                     [  OK  ]

# List current unwanted SID

[root at pine-fc4 ~]# net getlocalsid
SID for domain VMPDC is: S-1-5-21-893123068-2258791905-4052818733

[root at pine-fc4 samba]# net rpc info
Password:
Domain Name: VMWKGP
Domain SID: S-1-5-21-893123068-2258791905-4052818733
Sequence number: 1207290693
Num users: 1
Num domain groups: 0
Num local groups: 0

#Change PDC SID to something else

[root at pine-fc4 samba]# net setlocalsid 
S-1-5-21-999999999-2258791905-4052818733
[root at pine-fc4 samba]# net setdomainsid 
S-1-5-21-999999999-2258791905-4052818733

#Restart smbd (and winbind)

[root at pine-fc4 samba]# service smb restart
Shutting down SMB services:                                [  OK  ]
Shutting down NMB services:                                [  OK  ]
Starting SMB services:                                     [  OK  ]
Starting NMB services:                                     [  OK  ]

#Wait a few seconds for nmbd to settle in

[root at pine-fc4 samba]# sleep 5

# New PDC info

[root at pine-fc4 samba]# net rpc info
Password:
Domain Name: VMWKGP
Domain SID: S-1-5-21-999999999-2258791905-4052818733
Sequence number: 1207290486
Num users: 1
Num domain groups: 0
Num local groups: 0

Regards, Doug




More information about the samba mailing list