[KLUG Members] Help for upgrade to Samba 3.0.1 (LDAPSAM) fm 2.2.8a anybody?

Adam Williams members@kalamazoolinux.org
Wed, 14 Jan 2004 11:18:01 -0500

Previous message: [KLUG Members] Help for upgrade to Samba 3.0.1 (LDAPSAM) fm 2.2.8a anybody?
Next message: [KLUG Members] Help for upgrade to Samba 3.0.1 (LDAPSAM) fm 2.2.8a anybody?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> |Groups mappings aren't in secrets.tdb.  But if you nuke it Samba will
> |dutifully recreate it, shouldn't be a problem.
> |
> Nukeing it ideintified the location of the group mappings.  They were
> objectclasses that were added to the posixgroups in LDAP.  I zapped em
> with gq.
> I don't know if there are any random spontaneous components to an SID
> so I should probably double check that re-createing secrets.tdb didn't
> change it at all.

The SID is the domain Domain SID || "-" || RID

RID for a user is 2(uidNumber)+1000
RID for a group is 2(gidNumber)+1001

...except for builtin groups like power users or administrators which
have static RIDs.  But all static RIDs are less than 1000, so no
potential overlap (since we are adding at least 1000 to the
uidNumber/gidNumber).

So my domain SID is S-1-5-21-2037442776-3290224752-88127236  (the PDC
and all BDCs have the domain SID as thier SID - for the machine
account).  My uidNumber is 437, so the SID of my account is
S-1-5-21-2037442776-3290224752-88127236-1874

2(437) + 1000 = 1874

Previous message: [KLUG Members] Help for upgrade to Samba 3.0.1 (LDAPSAM) fm 2.2.8a anybody?
Next message: [KLUG Members] Help for upgrade to Samba 3.0.1 (LDAPSAM) fm 2.2.8a anybody?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]