[Samba] Classic Upgrade changes domain SID
sambamailinglist at gmail.com
Mon Aug 28 21:46:51 UTC 2023
Hi Andrew and Roland,
I spent some hours today to debug the problem by
adding lots of printf-statements into the samba4
Here are my findings:
- upgrade.py calls passdb.get_global_sam_sid()
- get_global_sam_sid() calls pdb_generate_sam_sid()
- pdb_generate_sam_sid() calls secrets_fetch_domain_sid()
- secrets_fetch_domain_sid() calls secrets_fetch()
- secrets_fetch() calls dbwrap_fetch()
- dbwrap_fetch() reads the correct file and returns
exactly the binary string that tdbdump displays
At this point I was really astonished: Everything works
as expected but the resulting domain SID nevertheless is
wrong. And then I realized the reason:
My old secrets.tdb file contains the following SID-data:
My old samba3-server is a Sun Sparc machine with
MSB byte order while my new samba4-server is an
Intel machine with LSB byte order.
are the same SIDs, just the byte ordering of the last
4 numbers was reversed.
Now my concern is that not only secrets.tdb contains
machine dependent data, but other tdb-files do as well.
I will fix the secrets.tdb file with a hex-editor and let
you know what happens.
More information about the samba