[Samba] How to change objectSid?
Diego Woitasen
diego at woitasen.com.ar
Wed Feb 5 18:14:22 MST 2014
On Wed, Feb 5, 2014 at 6:43 PM, Michael Brown <michael at netdirect.ca> wrote:
> On 14-02-05 04:17 PM, Andrew Bartlett wrote:
>> Yes, I like that solution. I'm going to do it in that way.
>>
>> The only remaining issue are the new workstations. I'll need to copy
>> the new machines from S3 to S4. If we don't do it, it's not a serious
>> issue, but it would be great. I think our client is not going to buy a
>> lot of machine in the middle of the migration :)
>> It should be pretty easy to rejoin those machines, if that helps avoid
>> another special case to handle.
> Speaking as someone who had to delete a bunch of computer accounts prior
> to his 3→4 migration and rejoin them to the realm afterwards (yeah… a
> lot of them had duplicate SIDs or a blank last part of the SID
> (interpreted as -0)), rejoining them is pretty easy and works just fine.
>
> You could even precreate the accounts or delegate that right.
>
> As long as the domain SID isn't changing you should be fine.
>
Could you clarify this? Andrew mentioned the same. How does the rejoin
work? Or the "precreate" process that you mention.
I have 500> in some sites, if rejoin means to go one by one, I don't
like that solution :)
--
Diego Woitasen
Linux and Open Source solutions architect at www.vhgroup.net
More information about the samba
mailing list