[Samba] Help with fixing users and groups with the same SID in LDAP
IT at mcgeecorp.com
Mon Dec 2 12:45:48 MST 2013
I am working through the migration from samba3+ldap to samba4 ads and
discovered some inconsistencies in our data in the process. We have several
user/group pairs that have the same SID because somehow uidNumber and
gidNumber were set to the same number.
Obviously this must be corrected for us to use the migration tool - I am just
a little unsure of how best to fix this. My first thought is to change the
gidNumbers to something unique and update the SID appropriately (by fixing the
last part of the SID using gidNumber * 2 + 1000).
If that is the proper approach are there any other concerns should I be aware
of? Is this safe to update on the production server while users may be
accessing it? I also have a samba3 file server that authenticates against the
same ldap directory... should samba and/or winbindd be restarted on that
machine after the updates are complete?
Thanks for any help!
More information about the samba