[Samba] Domain SID vs. Local SID on Domain Controller & SID requirements
Linda Walsh
samba at tlinx.org
Tue Sep 15 23:29:28 MDT 2009
simo wrote:
> On Tue, 2009-09-15 at 11:42 -0700, Linda Walsh wrote:
>> IF a samba server is setup to be a domain controller, should
>> it's local SID = the domain SID?
>
> yes the PDC exports the "local SAM" as the "domain SAM"
> (the SAM is the DB where user information is stored including SIDs)
----
excellent!
>> If I have a simple setup, and want a sid I can remember can I
>> just make it 'short'?
>
> No, users SID are composed of Domain SID + RID, the Domain SID part is
> identical for all domain user and is generated once by the PDC at
> installation time.
------------
Sorry -- my fault -- I wasn't clear, I meant setting the the
Domain SID (Net setdomainsid S-1-5-21-1-2-3).
Sounds like the answer is yes...it can be any 32-bit int in those fields.
More information about the samba
mailing list