[Samba] Issue with samba SID
Moisés Barba Pérez
mbarperoi at gmail.com
Wed Mar 16 02:32:19 MDT 2011
Is it possible to configure SIDs genertion for users and computers in the
old style (2*id) + 1000???
2011/3/15 TAKAHASHI Motonobu <monyo at monyo.com>
> From: Moisés_Barba_Pérez <mbarperoi at gmail.com>
> Date: Tue, 15 Mar 2011 13:06:03 +0100
>
> > I have a samba PDC with LDAP, samba 3.0.33 and 389DS 1.2.5. I am
> adding
> > computer accounts with smbldap-useradd script configured in smb.conf like
> > this:
> >
> > add machine script = /usr/bin/perl -w
> > /opt/ldap/smbldap-tools/bin/smbldap-useradd -w -c '%a' -t 10 -J Equipos
> '%u'
> >
> > My problem is that I get a samba sid I don't understand why samba
> creates
> > like that. I thought the users acounts have a samba sid = (2 * userid) +
> > 1000, and groups accounts have samba sid = (2 * groupid) + 1001. The
> > computers accounts have a different samba sid?, Isn't a computer accout
> the
> > same as an user account? my question is how samba generates the samba sid
> > for the computer account and If I can use the old style of samba sid
> > generation for computers accounts.
>
> If you use smbldap-tools, the SID for users and groups are generated
> by smbldap-tools with the way which you know, (2 * id) + 1000/1001.
>
> But the SID for computers are generated by Samba itself. Samba
> generates (any) SID in sequentially from 1000.
>
> If you use ldapsam:editposix, all SIDs for users, groups and computers
> are generated sequenctially from 1000.
>
> ---
> TAKAHASHI Motonobu <monyo at monyo.com>
>
>
More information about the samba
mailing list