[KLUG Members] Help for upgrade to Samba 3.0.1 (LDAPSAM) fm 2.2.8a
anybody?
Jim C.
members@kalamazoolinux.org
Wed, 14 Jan 2004 10:55:52 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is what I was refereing to:
[root@enigma root]# net3 getlocalsid
[2004/01/14 10:54:31, 0] utils/net.c:net_getlocalsid(414)
~ Can't fetch domain SID for name: ENIGMA
Adam Williams wrote:
|>|Groups mappings aren't in secrets.tdb. But if you nuke it Samba will
|>|dutifully recreate it, shouldn't be a problem.
|>|
|>Nukeing it ideintified the location of the group mappings. They were
|>objectclasses that were added to the posixgroups in LDAP. I zapped em
|>with gq.
|>I don't know if there are any random spontaneous components to an SID
|>so I should probably double check that re-createing secrets.tdb didn't
|>change it at all.
|
|
|The SID is the domain Domain SID || "-" || RID
|
|RID for a user is 2(uidNumber)+1000
|RID for a group is 2(gidNumber)+1001
|
|...except for builtin groups like power users or administrators which
|have static RIDs. But all static RIDs are less than 1000, so no
|potential overlap (since we are adding at least 1000 to the
|uidNumber/gidNumber).
|
|So my domain SID is S-1-5-21-2037442776-3290224752-88127236 (the PDC
|and all BDCs have the domain SID as thier SID - for the machine
|account). My uidNumber is 437, so the SID of my account is
|S-1-5-21-2037442776-3290224752-88127236-1874
|
|2(437) + 1000 = 1874
|
|_______________________________________________
|Members mailing list
|Members@kalamazoolinux.org
|
|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFABZC357L0B7uXm9oRAnAgAJ9m5ex/XT2LWt1yi1vIYBfnE746jwCfW2UY
XedF8qWn9vP6dHIjC6VX9Nk=
=hFHA
-----END PGP SIGNATURE-----