[Samba] How can I change the localSID for a SAMBA Server?

Rowland penny rpenny at samba.org
Wed Dec 16 08:42:47 UTC 2015

On 16/12/15 07:44, Andrew Bartlett wrote:
> On Wed, 2015-12-16 at 01:35 +0100, Tetra wrote:
>> We don't need a domain for this system. The PCs used are currently
>> not
>> in a domain at all, the Linux PCs will not, the Macs like not, and
>> there
>> are even some Windows Home PCs that cannot join a domain. The Samba
>> servers are just for providing file shares in a way Windows
>> recognizes.
>> We don't want it to be possible to make users or change password
>> locally
>> on the samba servers, all that should be done in the LDAP Account
>> Manager (It can update linux and samba password at the same time.)
>> I haven't concluded yet, if this is how to do it, but it seems it is
>> a
>> possible way of doing it.
> Even if you don't think of the various Samba servers offering file
> shares as being in a domain, if they share a password database, the
> only supported way of doing so is if they are domain controllers.
> If you have nothing joined to the domain, it is harmless for the severs
> to also be a PDC or BDC of an NT4-like domain, and by doing so you step
> back inside the supported envelope, rather than hacking a currently
> -mostly working solution outside it.
> Andrew Bartlett

Thanks for confirming what I thought, a standalone server is a server 
that holds its own user & group database, if it connects to something 
else for the users & groups, it isn't a standalone server.


More information about the samba mailing list