fffffffffffffffffffOn 8 February 2012 10:18, Miguel Medalha <[email protected]> wrote: >
>> (...) The question is >> >> where do I set the domain SID? I remember doing it at some stage when >> I set-up the samba domain but I have forgotten. > > > The SID number is configured in /etc/smbldap-tools/smbldap.conf > > smbldap-tools comes with a script to assist in the basic configuration of > the tools. It's called "configure.pl" in most versions but the name was > recently changed to "smbldap-config.pl" > Thanks for the reply. I can't recall runnning configure.pl. Before I cause myself any harm, I thought I should check with the list. The smbldap.conf says to run `net getlocalsid` to obtain the SID for the config. When I do that I get a different SID from what I was expecting. I would have expected the domain part of the local machine SID to match the domains SID but they do not (see below) and I would have expected the local machine SID to match what is in the smbldap.conf. net getdomainsid SID for local machine PDC is: S-1-5-21-597566789-4152996160-2957772391 SID for domain FOO is: S-1-5-21-1979685110-1467996072-351907979 grep SID /etc/smbldap-tools/smbldap.conf #SID="S-1-5-21-2252255531-4061614174-2474224977" SID="S-1-5-21-900663976-1457140431-1537874043" When I create a new user, the user get a primary group SID that looks like S-1-5-21-1979685110-1467996072-351907979-513 and a SambaSID that reads: S-1-5-21-900663976-1457140431-1537874043-3290 So I need to change the way the domain part of the primary group SID is defined and possibly edit the smbldap.conf so that the SID uses the domain SID. Does that sound correct? If so, how can I modify the primary group SID? Thanks again, Dermot. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
