Joining a Windows 2000 Domain in an OU other than the top level
Jay Ts
jay at toltec.metran.cx
Mon Dec 10 06:57:07 GMT 2001
Don't even try to add the server to the Active Directory (LDAP/
Kerberos) domain. When you add a Samba server to a Win 2000 domain,
the domain controller(s) use backward compatiblity to support it
as if they are a Windows NT 4.0 PDC.
When running the smbpasswd command, you need to use the Administrator
account and password, not your personal user account. Try:
smbpasswd -j DOMAIN-NAME -r PDC-NAME -U Administrator%<Administrator-Password>
I think that may do it for you.
Jay Ts
> Due to restrictions set up in our Windows 2000 domain, I've been having
> trouble adding a Samba server to the domain. I've had a domain
> administrator add the server into an OU that we do have access to, and my
> Windows account has been enabled to add nodes to that OU. When I execute
> "smbpasswd -j DOM -r PDC -U myid%mypasswd", I get the traditional:
>
> smbpasswd -j DOMAIN/OU/SUBOU -r PDC -D 4 -U myid
> added interface ip=###.###.25.36 bcast=###.###.25.255 nmask=255.255.255.0
> Password:
> resolve_lmhosts: Attempting lmhosts lookup for name PDC<0x20>
> getlmhostsent: lmhost entry: ###.###.22.14 PDC
> Connecting to ###.###.22.14 at port 139
> session setup ok
> Domain=[DOMAIN] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]
> Unable to join domain DOMAIN.
>
> The same thing happens whether I try to add it to just DOMAIN or
> DOMAIN/OU/SUBOU. I'm trying to set this up using Samba 2.2.2 under Solaris
> 8. I was successfully able to add it to both an NT domain as well as a test
> Windows 2000 domain in the top level OU. I deleted the MACHINE.SID and
> secrets.tdb files in between each attempt.
>
> Mike
>
More information about the samba-ntdom
mailing list