On Sat, 2006-03-18 at 16:50 -0500, Pablo Chamorro C. wrote: > > #2 - what do you get from command... 'net getlocalsid' ? > > I get this: > > SID for domain XXX is: S-1-5-21-2502698289-3639879065-7544774837 > > and the output of 'net getlocalsid DOMAIN' is: > > SID for domain DOMAIN is: S-1-5-21-2502698289-3639879065 > > oops! it seems the error is here, XXX is our PDC name. I kept a copy of > the previous secrets.tdb. Comparing, I can see two differences: the > INFO\sandom_seed key changed and so does the SECRETS/SID/DOMAIN key! and I > can see that both the DOMAIN and PDC SID were the same!. > > Is it ok to change the SID for my DOMAIN as it was before in spite of the > fact that that SID is the same PDC SID? or do I need to change the PDC > SID too? ---- No - but it would seem to me that the DOMAIN SID is stored in LDAP and not in secrets.tdb...
The PDC is the DOMAIN and obviously the SID for a PDC and the DOMAIN should be the same. ---- > > I appreciate very much your help. We're gonna update our samba.schema > and to review our smbldap-tools config. ---- sounds like it might not be the config at all...but you better verify that the smbldap-config file has the right SID Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba