Re: [Samba] samba3.0.22 - "net setlocalsid" with no effect

[Doug VanLeuven]

Friedrich Strohmaier wrote:
Hi Doug, *,
again for whatever reason the listmail did not arrive in my mailbox. The
private copy did! Hmmm.

Doug VanLeuven schrieb:
  
Friedrich Strohmaier wrote:
    
Douglas VanLeuven schrieb:

[..]

      
I can't tell what you're trying to do from what you've described.
It looks like you set the local machine sid and it worked.
        
It was the SID of the machine acting as PDC ..
      

[..]

  
root# net setlocalsid SID_WANTED
root#

root# net getlocalsid
SID for domain DOMAIN is: SID_WANTED
          

here I read wrong: DOMAIN was'nt the Name of the domain but the pdc's
hostname (and netbios name).

  
Might try
~   net rpc getsid
Which is supposed to "fetch the domain sid into the local secrets.tdb"
    

Tried this but it fetched SID_NOT_WANTED into secrets.tdb

  
I've never used these commands.  I've always viewed them as either
useful for recovery from crash without backup, or setting the SID of a
backup samba PDC.
    

Exactly what I want to do..

  
I used a VM machine, FC5, samba-3.0.23c-1.fc5 because it's the scratch 
machine I have.
Here's what I did to reset the SID of the new PDC (hoping that's what 
you want to do)

#On the PDC, smbd, nmbd, & winbind stopped.

[EMAIL PROTECTED] ~]# testparm -sv 2>&1|less
..
Server role: ROLE_DOMAIN_PDC
..

[EMAIL PROTECTED] ~]# service smb start
Starting SMB services:                                     [  OK  ]
Starting NMB services:                                     [  OK  ]

# List current unwanted SID

[EMAIL PROTECTED] ~]# net getlocalsid
SID for domain VMPDC is: S-1-5-21-893123068-2258791905-4052818733

[EMAIL PROTECTED] samba]# net rpc info
Password:
Domain Name: VMWKGP
Domain SID: S-1-5-21-893123068-2258791905-4052818733
Sequence number: 1207290693
Num users: 1
Num domain groups: 0
Num local groups: 0

#Change PDC SID to something else

[EMAIL PROTECTED] samba]# net setlocalsid 
S-1-5-21-999999999-2258791905-4052818733
[EMAIL PROTECTED] samba]# net setdomainsid 
S-1-5-21-999999999-2258791905-4052818733

#Restart smbd (and winbind)

[EMAIL PROTECTED] samba]# service smb restart
Shutting down SMB services:                                [  OK  ]
Shutting down NMB services:                                [  OK  ]
Starting SMB services:                                     [  OK  ]
Starting NMB services:                                     [  OK  ]

#Wait a few seconds for nmbd to settle in

[EMAIL PROTECTED] samba]# sleep 5

# New PDC info

[EMAIL PROTECTED] samba]# net rpc info
Password:
Domain Name: VMWKGP
Domain SID: S-1-5-21-999999999-2258791905-4052818733
Sequence number: 1207290486
Num users: 1
Num domain groups: 0
Num local groups: 0

Regards, Doug


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba