[Samba] Windows XP cannot join Samba 4AD but win 7 can.
Marc Muehlfeld
mmuehlfeld at samba.org
Mon Jul 21 12:02:12 MDT 2014
Hello Sébastien,
Am 21.07.2014 11:58, schrieb Sébastien Degouzon:
> I've got some troubles making Win XP join may samba4 AD, and, well, i'm
> kind of stuck !
>
> I use the binary distribution of Samba 4 for Ubuntu Trusty Server
> (4.1.6), with bind9 DLZ as a DNS backend.
>
> Everything works fine with Win7 workstations, but I get a message
> "Internal Error" on Win XP workstation during the domain join.
> The machine account is created on the server, but stated "disabled", and
> the DNS entry is missing...
Which account do you use to join the machine? The domain admin or have
you delegated the permission to a different account/group?
Domain Admin should always work.
If delegated, then have a look here:
https://wiki.samba.org/index.php/Delegating_Administration_Permissions#Delegating_.27Joining_Computers_to_the_domain.27-permissions
In an earlier version of that HowTo I forgot to grant permissions to a
few attributes, what caused that I could join XP, but not Win7 (or was
it the other way around?).
In this context: You haven't changed ACLs on containers?
One more idea: If you provisioned/upgraded your domain with an early 4.0
version, you should fix the ACLs:
https://wiki.samba.org/index.php/Updating_Samba#Updates_of_early_Samba_4_version_on_Samba_Active_Directory_DCs
It doessn't hurt, if you check your AD with the two 'samba-tool dbcheck'
commands without the '--fix', anyway.
Regards,
Marc
More information about the samba
mailing list