1. On a working Samba-3.3.4 system execute the following and record the values reported: net getlocalsid net getdomainsid 2. Change the workgroup name 3. stop smbd, nmbd, and winbind 4. delete the secrets.tdb file 5. Start samba daemons: smbd nmbd winbind 6. Reset the original domain sid using: net setdomainsid S-1-5-21-xxxxxxxxxxx-xxxxxxxxx-xxxxxxxxx per the values obtained from 'net getdomainsid' The error message is: "Cannot fetch local SID." This bug is blocking deployment of a commercial Samba server because it is used to ensure that the domain SID does not change when the domain name is modified. This bug seems to be similar to Bug# 6033.
Note: This problem is critical for systems that use LDAP as the passwd backend.
Give me a few days and I can provide more detail.
John, is it possible that by removing secrets.tdb you also deleted the ldap admin password? I can't reproduce the problem here, so I'm closing it with "worksforme". Please re-open if you can still reproduce the problem after having set the ldap admin pw with smbpasswd -w again, and also having set the local sid with "net setlocalsid". Volker