From 772e9b2ac8335b4a9604171856ad903bd7de120a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 28 Aug 2002 08:13:29 +0000 Subject: There's no MACHINE.SID anymore... Volker (This used to be commit e9cd8fb2e3104e1f9fd27277c90e1d09e55a0cf4) --- docs/docbook/projdoc/Samba-BDC-HOWTO.sgml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/docs/docbook/projdoc/Samba-BDC-HOWTO.sgml b/docs/docbook/projdoc/Samba-BDC-HOWTO.sgml index 53a0959c39..7653e3d1c0 100644 --- a/docs/docbook/projdoc/Samba-BDC-HOWTO.sgml +++ b/docs/docbook/projdoc/Samba-BDC-HOWTO.sgml @@ -157,10 +157,17 @@ Several things have to be done: -The file private/MACHINE.SID identifies the domain. When a samba -server is first started, it is created on the fly and must never be -changed again. This file has to be the same on the PDC and the BDC, -so the MACHINE.SID has to be copied from the PDC to the BDC. +The domain SID has to be the same on the PDC and the BDC. This used to +be stored in the file private/MACHINE.SID. This file is not created +anymore since Samba 2.2.5 or even earlier. Nowadays the domain SID is +stored in the file private/secrets.tdb. Simply copying the secrets.tdb +from the PDC to the BDC does not work, as the BDC would +generate a new SID for itself and override the domain SID with this +new BDC SID. + + +To retrieve the domain SID from the PDC or an existing BDC and store it in the +secrets.tdb, execute 'net rpc getsid' on the BDC. -- cgit