September 12th, 2003, 07:45 AM
Extracting Domain SID from the SAM?
Is there a way to do this? I have full access to the box (I'm typing this on it), and have extracted the SAM itself.
Our little Samba server here at home died, and I'd like to set up identical replacement machine accounts on the new server. Creating an account with the given SID is easy with samba (or so it seems), but I can't figure out how to get the SID itself.
Any tips? Or do I have to migrate each users profile manually (erg)?
Thanks in advance
September 12th, 2003, 12:14 PM
Search for sid2user en user2sid. These may come in handy.
If you can still logon the windowsclients (using cached credentials) you can also use regedt32 to find your SID. Just start regedt32 and look at the HKEY_USERS hive. Usually there are 2 or 3 SIDs visible. The one with the 1001 on the end is the local machines Guest account. The other one is probably the domain user SID. You will notice that the start of the SID of the local guest account is different from the domain user one.
Experience is something you don't get until just after you need it.
September 12th, 2003, 12:37 PM
A google search of "Extracting Domain SID from the SAM" revealed
Samba PDC Transparent Migration HOWTO
Was that something like you were looking for ?? I believe the link above to pwdump2 is borken though, you can search packet storm for the program, and others.
To transparently migrate users, all user information must be migrated from the NT PDC to the Samba machine as seamlessly as possible. The information to be migrated is:-
User account details - the username, real name and various flags associated with the user.
User passwords - necessary for any degree of transparency in the migration
Machine trust accounts - these must be migrated in order for the machine to remain a member of the domain. If they are not migrated correctly, the Samba server will not recognize the workstations as domain members.
All the above information is stored in the NT SAM database, on the PDC. To extract this information from the SAM, and translate it into a format that Samba can read, use the pwdump2 utility from http://www.webspan.net/~tas/pwdump2/
. Running this on the PDC will dump the necessary information from the SAM in the correct format for use as an smbpasswd file.
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
September 12th, 2003, 04:21 PM
Thanks guys, both your posts were extremely useful.
I can't believe i forgot to google, just one of those days, I guess