[Samba] How can I change the localSID for a SAMBA Server?

Andrew Bartlett abartlet at samba.org
Wed Dec 16 07:44:19 UTC 2015

On Wed, 2015-12-16 at 01:35 +0100, Tetra wrote:

> We don't need a domain for this system. The PCs used are currently
> not 
> in a domain at all, the Linux PCs will not, the Macs like not, and
> there 
> are even some Windows Home PCs that cannot join a domain. The Samba 
> servers are just for providing file shares in a way Windows
> recognizes. 
> We don't want it to be possible to make users or change password
> locally 
> on the samba servers, all that should be done in the LDAP Account 
> Manager (It can update linux and samba password at the same time.)
> I haven't concluded yet, if this is how to do it, but it seems it is
> a 
> possible way of doing it.

Even if you don't think of the various Samba servers offering file
shares as being in a domain, if they share a password database, the
only supported way of doing so is if they are domain controllers.

If you have nothing joined to the domain, it is harmless for the severs
to also be a PDC or BDC of an NT4-like domain, and by doing so you step
back inside the supported envelope, rather than hacking a currently
-mostly working solution outside it. 

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list