Extracting Domain SID from the SAM?
Results 1 to 4 of 4

Thread: Extracting Domain SID from the SAM?

  1. #1
    Junior Member
    Join Date
    Oct 2001
    Posts
    5

    Extracting Domain SID from the SAM?

    Is there a way to do this? I have full access to the box (I'm typing this on it), and have extracted the SAM itself.

    Our little Samba server here at home died, and I'd like to set up identical replacement machine accounts on the new server. Creating an account with the given SID is easy with samba (or so it seems), but I can't figure out how to get the SID itself.

    Any tips? Or do I have to migrate each users profile manually (erg)?

    Thanks in advance
    -Onager

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Search for sid2user en user2sid. These may come in handy.

    If you can still logon the windowsclients (using cached credentials) you can also use regedt32 to find your SID. Just start regedt32 and look at the HKEY_USERS hive. Usually there are 2 or 3 SIDs visible. The one with the 1001 on the end is the local machines Guest account. The other one is probably the domain user SID. You will notice that the start of the SID of the local guest account is different from the domain user one.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    A google search of "Extracting Domain SID from the SAM" revealed

    Samba PDC Transparent Migration HOWTO

    To transparently migrate users, all user information must be migrated from the NT PDC to the Samba machine as seamlessly as possible. The information to be migrated is:-

    User account details - the username, real name and various flags associated with the user.
    User passwords - necessary for any degree of transparency in the migration
    Machine trust accounts - these must be migrated in order for the machine to remain a member of the domain. If they are not migrated correctly, the Samba server will not recognize the workstations as domain members.

    All the above information is stored in the NT SAM database, on the PDC. To extract this information from the SAM, and translate it into a format that Samba can read, use the pwdump2 utility from http://www.webspan.net/~tas/pwdump2/ . Running this on the PDC will dump the necessary information from the SAM in the correct format for use as an smbpasswd file.
    Was that something like you were looking for ?? I believe the link above to pwdump2 is borken though, you can search packet storm for the program, and others.
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  4. #4
    Junior Member
    Join Date
    Oct 2001
    Posts
    5
    Thanks guys, both your posts were extremely useful.
    I can't believe i forgot to google, just one of those days, I guess
    Thanks again
    -Onager

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •