[Samba] Method for joining machines to PDC without using root

[John H Terpstra]

On Mon, 23 Dec 2002, ___cliff rayman___ wrote:

> currently, in order to join a win XP machine to a samba PDC, you
> have to use the root account (although you can use an smbpasswd
> and not the linux password).  is there any way to set up another
> account to do this one particular task (one without uid=0)?.

No. It has to be done as a 'root' privilidged account from samba's
perspective. ie: NT Administrator (which maps to root). As you noted, the
smb password for root does not need to be the same as the system root
password.

>  if we have users in remote places, i do not want to have to go over
>  to their work station just to log them on the the domain.  alsoi don't
> want to
> give them a login and password that could compromise the system
>  the samba is running on (linux).
>
> i think the answer is no from some of the information i found
> by googling, but i wanted to verify the answer here.

You have your verification. Got a better suggestion? Send us your patches
and we will look at them.

> my only other option would be to issue a:
> smbpasswd root
>
> make a temporary password, talk someone into joining
> a domain on the phone, immediately change the password
> back so it is secure.

No different from NT/2K really.

- John T.
-- 
John H Terpstra
Email: jht at samba.org