[Samba] machine account want use algorithm than sambanextrid
Was questioned before with no answer, but have the same problem: With Samba 3.0.25 with ldap backend, what can i do for using algorithm rid = 2*uid + 1000, when samba create samba attributes (sambasid) of computer account, instead of SambaNextRid from SambaDomainName entry ? Background: I create a machine account with smbldap-tools. After that a uidNumber was given to the machine. If the machine logs on the first time a samba gives a SID to the machine using SambaNextRid. If I leave the SambaNextRid base to 1000 after a while adding machines the machine SIDs are in the range of the user/group SIDs, so it would be better to use the algorithm than SambaNextRid. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] machine account want use algorithm than sambanextrid
On Wed, 2007-06-27 at 15:00 +0200, Peter Eser wrote: Was questioned before with no answer, but have the same problem: With Samba 3.0.25 with ldap backend, what can i do for using algorithm rid = 2*uid + 1000, when samba create samba attributes (sambasid) of computer account, instead of SambaNextRid from SambaDomainName entry ? Background: I create a machine account with smbldap-tools. After that a uidNumber was given to the machine. If the machine logs on the first time a samba gives a SID to the machine using SambaNextRid. If I leave the SambaNextRid base to 1000 after a while adding machines the machine SIDs are in the range of the user/group SIDs, so it would be better to use the algorithm than SambaNextRid. You shouldn't let smbldap tools create the SID. Samba can very well do it on its own, and that's the preferred and best way. All is need is the posixAccount to attach the sambaSamAccount to ... Simo. -- Simo Sorce Samba Team GPL Compliance Officer email: [EMAIL PROTECTED] http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] machine account want use algorithm than sambanextrid
Many thanks for the reply. My thought (from the docs) was that samba use the algorithm for sid building. That's was wrong guess? - Original Message - From: simo [EMAIL PROTECTED] To: Peter Eser [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Wednesday, June 27, 2007 3:04 PM Subject: Re: [Samba] machine account want use algorithm than sambanextrid On Wed, 2007-06-27 at 15:00 +0200, Peter Eser wrote: Was questioned before with no answer, but have the same problem: With Samba 3.0.25 with ldap backend, what can i do for using algorithm rid = 2*uid + 1000, when samba create samba attributes (sambasid) of computer account, instead of SambaNextRid from SambaDomainName entry ? Background: I create a machine account with smbldap-tools. After that a uidNumber was given to the machine. If the machine logs on the first time a samba gives a SID to the machine using SambaNextRid. If I leave the SambaNextRid base to 1000 after a while adding machines the machine SIDs are in the range of the user/group SIDs, so it would be better to use the algorithm than SambaNextRid. You shouldn't let smbldap tools create the SID. Samba can very well do it on its own, and that's the preferred and best way. All is need is the posixAccount to attach the sambaSamAccount to ... Simo. -- Simo Sorce Samba Team GPL Compliance Officer email: [EMAIL PROTECTED] http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] machine account want use algorithm than sambanextrid
On Wed, 2007-06-27 at 15:11 +0200, Peter Eser wrote: Many thanks for the reply. My thought (from the docs) was that samba use the algorithm for sid building. That's was wrong guess? It used to, but we changed that some time ago. Simo. -- Simo Sorce Samba Team GPL Compliance Officer email: [EMAIL PROTECTED] http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] machine account want use algorithm than sambanextrid
On Wed, 2007-06-27 at 15:11 +0200, Peter Eser wrote: Many thanks for the reply. My thought (from the docs) was that samba use the algorithm for sid building. That's was wrong guess? Actually I fixed a bug where we were still using the algorithmic method by mistake when using pdbedit to add a workstation. The fix is in 3.0.25b Simo. -- Simo Sorce Samba Team GPL Compliance Officer email: [EMAIL PROTECTED] http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] machine account want use algorithm than sambanextrid
Ah, ok. Now the whole story is that we store all our user information in a database and mirror the informations on the fly to the ldap tree, also things in sambaSamAccount. So if a user gets created, also sambaSamAccount becomes created and filled directly, idmap becomes also filled... I now tested to change the machine account sid afterwards. Thought that after modifying the sid the client computer cannot log in anymore, but it works. So if nobody vetos I will go this way :) Many Thanks - Original Message - From: simo [EMAIL PROTECTED] To: Peter Eser [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Wednesday, June 27, 2007 3:15 PM Subject: Re: [Samba] machine account want use algorithm than sambanextrid On Wed, 2007-06-27 at 15:11 +0200, Peter Eser wrote: Many thanks for the reply. My thought (from the docs) was that samba use the algorithm for sid building. That's was wrong guess? It used to, but we changed that some time ago. Simo. -- Simo Sorce Samba Team GPL Compliance Officer email: [EMAIL PROTECTED] http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
