How can I change the localSID for a SAMBA Server?

Question

I am trying to change the localSID for a SAMBA server, however I am unable to. I have tried the command "net setlocalsid" to no avail. To troubleshoot I have also stopped the smbd and nmbd services, but this did not help. Any help would be great!

root@TheWiggle:~# net getlocalsid
SID for domain THEWIGGLE is: S-1-5-21-748580849-194208185-3916830000

root@TheWiggle:~# net getdomainsid
SID for local machine THEWIGGLE is: S-1-5-21-748580849-194208185-3916830000
SID for domain THISDOMAIN is: S-1-5-21-748580849-194208185-3916830000

root@TheWiggle:~# net setlocalsid S-1-5-21-33300351-1172445578-3061011111

root@TheWiggle:~# net getlocalsid
SID for domain THEWIGGLE is: S-1-5-21-748580849-194208185-3916830000

root@TheWiggle:~# net getdomainsid
SID for local machine THEWIGGLE is: S-1-5-21-748580849-194208185-3916830000
SID for domain THISDOMAIN is: S-1-5-21-748580849-194208185-3916830000

root@TheWiggle:~# net setdomainsid S-1-5-21-33300351-1172445578-3061011111

root@TheWiggle:~# net getdomainsid
SID for local machine THEWIGGLE is: S-1-5-21-748580849-194208185-3916830000
SID for domain THISDOMAIN is: S-1-5-21-33300351-1172445578-3061011111

root@TheWiggle:~# net setlocalsid S-1-5-21-33300351-1172445578-3061011111

root@TheWiggle:~# net getlocalsid
SID for domain THEWIGGLE is: S-1-5-21-748580849-194208185-3916830000

root@TheWiggle:~# service smbd stop && service nmbd stop
smbd stop/waiting
nmbd stop/waiting

root@TheWiggle:~# net setlocalsid S-1-5-21-33300351-1172445578-3061011111

root@TheWiggle:~# net getlocalsid
SID for domain THEWIGGLE is: S-1-5-21-748580849-194208185-3916830000

root@TheWiggle:~# net setdomainsid S-1-5-21-33300351-1172445578-3061011111

root@TheWiggle:~# net getdomainsid
SID for local machine THEWIGGLE is: S-1-5-21-748580849-194208185-3916830000
SID for domain THISDOMAIN is: S-1-5-21-33300351-1172445578-3061011111

Not sure if it's gonna help, but *smbd* and *nmbd* daemons are not the only ones in Samba ver. 4. They only serve files and the remainder of domain services in implemented in *samba* daemon. It likely contains *samba* string in the service name. — sam_pan_mariusz, Dec 04 '15 at 07:19

score 1 · Answer 1 · answered Oct 24 '16 at 21:30

I was able to change the sid once I put the server in a backup domain controller mode. Since this server does not need to be an actual domain controller this mode was fine.

server role = classic backup domain controller

Hopefully this helps anyone with this issue!!!

score 0 · Answer 2 · answered Dec 13 '22 at 16:42

I had the same issue and before changing the netlocalsid of the HOST, I had to change the sambaSID of the sambaDomainName=HOST in the LDAP. After you changed the sambaSID with the value you want to change, the command # net setlocalsid works well.

How can I change the localSID for a SAMBA Server?

2 Answers2