[Samba] Primary Group SID incorrect - ahhhh

Chris Beach chrisb at pintys.com
Wed Nov 24 07:33:42 MST 2010 

I apologize, I somehow hit send in gmail and my message got prematurely
sent, here it is in it's entirety:

Hi,

I'm running 3.0.33-3.29.el5_5.1 .. migrating from 3.0.21a with an LDAP
back-end. I've use slapadd to import the LDIF file I've exported from my
original samba server, but it seems like samba isn't grabbing the Primary
Group SID from the ldif file. For Example:

dn: uid=chris,ou=Users,dc=orgon,
>
> dc=com
> sambaSID: S-1-5-21-3318375643-2463009161-752822123-3028
> sambaPrimaryGroupSID: *S-1-5-21-3318375643-2463009161-752822123-513*
> displayName: Chris
> creatorsName: cn=Manager,dc=orgon,dc=com
>
> I'll import this ldif file, but then when I run:
>
> pdbedit -v chris
>
> Unix username:        chris
> NT username:          chris
> Account Flags:        [U          ]
> User SID:             S-1-5-21-3318375643-2463009161-752822123-3028
> Primary Group SID:    *S-1-5-21-3870114210-992129106-2167290520-513*
> Full Name:            Chris
>
> Notice how the Primary Group SID is different?

         net getdomainsid
         SID for domain HAPPINESS3 is:
S-1-5-21-3870114210-992129106-2167290520
         SID for domain ORGON is: S-1-5-21-3318375643-2463009161-752822123

it seems to be using the local SID rather then domain SID from the ldif
file. I've got another server with an older version of samba which DOES use
the primary group SID from the ldif file when imported, I'm not sure if
samba changed how it uses it (seems like it might have from here: hxxp://
www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3323463),
but I can't figure out how to correct it.

Any help is REALLY appreciated, I've been stuck since last week on this.


On Wed, Nov 24, 2010 at 9:28 AM, Chris Beach <chrisb at pintys.com> wrote:

> Hi,
>
> I'm running 3.0.33-3.29.el5_5.1 .. migrating from 3.0.21a with an LDAP
> back-end. I've use slapadd to import the LDIF file I've exported from my
> original samba server, but it seems like samba isn't grabbing the Primary
> Group SID from the ldif file. For Example:
>
> dn: uid=chris,ou=Users,dc=orgon,dc=com
> sambaSID: S-1-5-21-3318375643-2463009161-752822123-3028
> sambaPrimaryGroupSID: *S-1-5-21-3318375643-2463009161-752822123-513*
> displayName: Chris
> creatorsName: cn=Manager,dc=orgon,dc=com
>
> I'll import this ldif file, but then when I run:
>
> pdbedit -v chris
>
> Unix username:        chris
> NT username:          chris
> Account Flags:        [U          ]
> User SID:             S-1-5-21-3318375643-2463009161-752822122-3028
> Primary Group SID:    *S-1-5-21-3870114210-992129106-2167290520-513*
> Full Name:            Chris
>
> Notice how the Primary Group SID is different?
>



-- 
Chris Beach
IT Analyst

More information about the samba mailing list