[Samba] questions about classicupgrade in wiki

Klaus Hartnegg hartnegg at gmx.de
Tue Apr 10 15:12:42 UTC 2018


I'm just reading the wiki page
and stumble over a few things which I'm uncertain about:

The section "important notes" talks about RIDs. I do not understand the 
first part of that, but there are no local users except domain admin, 
and he has unix ID 1000, RID 1015 so this probably does not affect me.

The second part says "You should also consider removing any Unix IDs 
from the 'Well known SIDs', except for the 'Domain Users' group."
Later the same page says "If any of your users have a RID less than 
'1000' and you wish these to exist in the new AD domain, you will need 
to change their RID, see below for how to do this."
Are these two issues the same?

This is the result when I run "net groupmap list":
Domain Users (S-1-5-21-xxx-yyy-zzz-513) -> users
Domain Admins (S-1-5-21-xxx-yyy-zzz-512) -> smbadmin
Domain Guests (S-1-5-21-xxx-yyy-zzz-514) -> nobody
Do I need to change Domain Admins and Domain Guests?

There's the sentence "To find duplicate SID's on other passdb backends 
(smbpasswd, tdbsam), you have to script around the output of the 
following two commands"
What about this:
pdbedit -Lv  | grep "User SID" | sort | uniq -d
net groupmap list | cut -d- -f8 | sort | uniq -d
Is it sufficient when these two commands produce no output?


More information about the samba mailing list