[Samba] 'Scripted' machine account renewal?!
Rowland Penny
rpenny at samba.org
Mon Mar 4 20:54:12 UTC 2024
On Mon, 4 Mar 2024 14:14:18 +0100
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> Mandi! Kees van Vloten via samba
> In chel di` si favelave...
>
> > Interesting, I tried running it with -d 10, it shows a lot of
> > output.
>
> The same. My output is a bit more complex, i think because the joined
> machine is a firewall, that have no whatsoever info about the domain,
> so i have tons of error relatives to dns record missing.
>
> But, as just stated, join with:
>
> net ads join -I 10.172.1.8 -U gaio
>
> worked as expected, a simple 'net ads testjoin' work (with the same
> DNS errors, of course).
>
>
> > Another thing I tried was "systemctl stop winbind" and then the
> > "net changetrustpw", but even then the same error occurs.
>
> I've not winbind running in joined machine.
If winbind isn't running, then your machine isn't fully joined, with
'security = ADS' ( a requirement for an AD Unix domain member) you must
have winbind running, it has been this way since Samba 4.8.0
Rowland
More information about the samba
mailing list