Would remapping them correct the SIDs? Can I just >>use a LDAP editor and
manually change the SID to what it should be without >>screwing up other
things? To my understanding, all the important Samba >>data is stored in
LDAP. So I shouldn't have to worry about the >>contents of smbpasswd,
secrets.tdb, or anything of that nature, right?
Given I can just edit the SIDs, I do know that I may >>have to restart the
SMB daemon, rejoin some users to groups, correct >>the local
administrators group on workstations, etc. I >>understand the clean up, I
don't want to ruin anything else that's not a simple text >>edit or
command call.
There is a utility that allows you to change the domain's SID. Search the
archives and the documentation for "net setlocalsid"
I do not want to change the domain or the server SID. Doing so would
invalid the users I have already entered. I just want to fix a couple of
groups that have bad SIDs.
Looking through the IDEALX scripts, it appears that I can just edit
these SIDs with an LDAP editor; they appear to only modify the LDAP, no
other Samba files (secrets.tdb, etc). But I'm not certain and do not
want to proceed until I know I won't screw myself over by doing so.
Does anyone see anything wrong with this? Should I just delete these
groups and recreate them? Would that be a more smart way?
Thank you,
Jason
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
