[Samba] change local & domain sids and implications

Marc Muehlfeld mmuehlfeld at samba.org
Wed Mar 23 19:40:11 UTC 2016


Hello,

Am 21.03.2016 um 17:45 schrieb lejeczek:
> I'm thinking I'll grab whole lot of my ldap backend and change SID -
> what will this cause to workstation/machine members?
> I'm guessing users account should be fine and people would be able to
> log in but machine would probably have to rejoin (if I can call it that,
> because domain name is different).

If you change the domain SID, everything is affected, because you're
having a new domain. This means all workstations need to be rejoined.
Also if your domain users are linked e. g. on Windows ACLs or are
members of local groups, etc. this won't be resolved any more and needs
to be fixed.

What is the reason for this?


Regards,
Marc




More information about the samba mailing list