Hiya, Yep, that was my first thought but I noticed that there are two SIDs relating to the server, the machine SID and the Domain SID. Originally, when I migrated from NT I used "net getlocalsid <domain>" to pull the domain SID into secrets.tdb. If I then ran net getlocalsid <domain> the migrated sid would show.
If I run setlocalsid and insert the domain sid into it it's the machine sid that gets set. The new (incorrect) domain sid stays the same. I get the feeling that I'm being overcautious but I have 700 users hanging of this one and at the moment they can all log in albeit we can't add/remove users etc. If I change the SID and it goes completely tits I think they may all be at the door with pitchforks and torches ;) Anyway I suspect I'm missing something really obvious (as usual that damn wood's hiding the trees again) Cheers,, Jools On Sunday 20 Nov 2005 02:29, Craig White wrote: > On Sat, 2005-11-19 at 23:32 +0000, Julian Pilfold-Bagwell wrote: > > Hi all, > > > > I need help to clear a bit of confusion regarding SIDs on Samba servers. > > > > I had my PDC collapse on Thursday which wasn't too much of a problem as I > > had everything backed up but I'm now in the position that I have a > > mismatched Domain SID. If I run net getlocalsid I get the sid for the > > server (called smb0) and net get local sid <domain> returns the sid for > > the Domain. > > > > I need to recover the original domain SID but setlocalsid changes the SID > > for the machine. As it is, people can log onto the domain but I can't set > > up any new accounts or change user details with smbldap-tools. > > ---- > sounds like all you need to do is run 'net setlocalsid > S-1..............' with the SID the same as the PDC that collapsed > > Craig > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
