leaving and rejoining domain

Jeremy Allison jallison at cthulhu.engr.sgi.com
Wed Dec 16 17:45:53 GMT 1998

J. A. Landamore wrote:
> I have several machines that normally belong in a domain served by
> samba-2.0.0beta2, that I occassionally need to remove from the domain and then
> rejoin the domain.  To remove them from the domain I just change them to
> workgroup machines in the network control panel. (Is this the correct way of
> doing it?).  However to get them to rejoin the domain I need to stop samba,
> remove the machine entry from smbpasswd, add the machine entry and restart
> samba.  I can then get the success dialog box when  I add them to the domain
> otherwise it fails.
> Could someone please explain why it refuses to use the old smbpasswd entry
> please?

Because when you change them to workgroup machines
in the control panel it destroys whatever machine password
key it has stored in the registry (or refuses to use it
again, which amounts to the same thing).

When you tell the WinNT machines to re-join the domain
they will start again with the initial (known) password
of machine name in lower case as UNICODE, md4 hashed.

Thus you need to reset the smbpasswd machine entry to
match this.

Hope this helps,

	Jeremy Allison,
	Samba Team.

Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-ntdom mailing list