TNG 0.7 - can't join domain

Luke Kenneth Casson Leighton lkcl at samba.org
Tue Feb 29 20:18:54 GMT 2000


> Yes.  I created it using the rpcclient "adduser" command.  (Which
> itself took a good half hour to figure out.)  Was that wrong?

no, it's not wrong.
 
> Could someone please document *once*, in one place, the precise set of
> steps we are supposed to be using?  And actually try it yourself in
> the process?  As near as I can tell, the procedure goes something like
> this:
> 
>   1) Make sure root account exists in smbpasswd (use "smbpasswd -a" if
>      not)

yep.  do a touch private/smbpasswd if it doesn't exist, that's a
long-standing bug, sorry.
 
>   2) Make sure machine account (MACHINE$) exists in /etc/passwd
> 
>   3) (Is this step even right??)  Use rpcclient to create the machine
>      account in smbpasswd.  (rpcclient with what args, exactly?  What
>      does the % in "rpcclient -S . -U root%" mean, anyway?)

rquivalent to -U root -N (no password).

sort-of.  strictly speaking it shouldn't be done, it 's a security risk.
 
>   4) Use the network control panel to join the workstation to the
>      domain, using the root login and password.
> 
>   5) (Optional, for better security) Use rpcclient blah blah to
>      randomize the trust account password

at this stage, that's a complication and it only works on nt4.

> hand, joined the domain *without* creating the machine account from
> Network Properties, and used rpcclient to reset the trust account
> password.  Not exactly a streamlined process.

*sigh*...



More information about the samba-ntdom mailing list