[Samba] change local & domain sids and implications

lejeczek peljasz at yahoo.co.uk
Thu Mar 24 09:36:52 UTC 2016

On 23/03/16 19:40, Marc Muehlfeld wrote:
> Hello,
> Am 21.03.2016 um 17:45 schrieb lejeczek:
>> I'm thinking I'll grab whole lot of my ldap backend and change SID -
>> what will this cause to workstation/machine members?
>> I'm guessing users account should be fine and people would be able to
>> log in but machine would probably have to rejoin (if I can call it that,
>> because domain name is different).
> If you change the domain SID, everything is affected, because you're
> having a new domain. This means all workstations need to be rejoined.
> Also if your domain users are linked e. g. on Windows ACLs or are
> members of local groups, etc. this won't be resolved any more and needs
> to be fixed.
> What is the reason for this?
I have to change both samba workgroup name & DN under which 
all samba resides in ldap, and I hope I can preserve as much 
as possible.
I there a best practice for this?
many thanks.
> Regards,
> Marc

More information about the samba mailing list