[Samba] Help with fixing users and groups with the same SID in LDAP

Tim IT at mcgeecorp.com
Mon Dec 2 12:45:48 MST 2013

Hi - 

I am working through the migration from samba3+ldap to samba4 ads and 
discovered some inconsistencies in our data in the process. We have several 
user/group pairs that have the same SID because somehow uidNumber and 
gidNumber were set to the same number.

Obviously this must be corrected for us to use the migration tool - I am just 
a little unsure of how best to fix this. My first thought is to change the 
gidNumbers to something unique and update the SID appropriately (by fixing the 
last part of the SID using gidNumber * 2 + 1000). 

If that is the proper approach are there any other concerns should I be aware 
of? Is this safe to update on the production server while users may be 
accessing it? I also have a samba3 file server that authenticates against the 
same ldap directory... should samba and/or winbindd be restarted on that 
machine after the updates are complete? 

Thanks for any help!


More information about the samba mailing list