[Samba] Classic Upgrade changes domain SID
Rowland Penny
rpenny at samba.org
Sun Aug 27 10:15:18 UTC 2023
On Sun, 27 Aug 2023 11:50:36 +0200
Peter Koch via samba <samba at lists.samba.org> wrote:
> Dear samba experts,
>
> I did a classic upgrade from a Samba 3.6.14 samba NT4 DC to a
> Samba 4.18.2 AD-DC. It does not work and I just want to make sure
> that I have the correct understanding of our domain SID.
>
> On our old Samba server net getdomainsid shows:
> SID for local machine SERV00 is:
> S-1-5-21-1415314133-2460755331-2761616138 SID for domain NAV is:
> S-1-5-21-1415314133-2460755331-2761616138
>
> But Classic Upgrade script says:
> .....
> Unable to determine the DomainSID, can not enforce uniqueness
> constraint on local domainSIDs
I wouldn't worry about that, you get that even when you create a new
domain. It is one of those pointless things that mean absolutely
nothing.
> .....
> INFO 2023-08-27 10:50:08,940 pid:8522
> /usr/samba/lib64/python3.9/site-packages/samba/provision/__init__.py
> #496: DOMAIN SID:
> S-1-5-352321536-3589954388-2200284306-183212708
> .....
Can you please post the command that you used to carry out the classic
upgrade.
>
> And net getdomainsid on the neu AD-DC shows:
> SID for domain NAV is: S-1-5-352321536-3589954388-2200284306-183212708
>
> Isn't the whole idea of the classic upgrade to migrate a NT4-DC into
> an AD-DC WITHOUT changing the domain SID?
>
Yes, as it is the SID that identifies the domain, you should expect to
get the same SID.
Rowland
More information about the samba
mailing list