Symantec Ghost cann't join Samba-PDC domain

Simo Sorce idra at
Mon Sep 24 02:17:02 GMT 2001

On Mon, Sep 24, 2001 at 01:47:13AM -0600, Matt Lessem wrote:
> I've got a Redhat 7.1 server running samba-2.2.1a serving as a PDC for
> about 100 machines in teaching labs at a university.
> In general, the server works well. It is very stable and has no problem
> supporting 400+ users. As an added bonus, it also serves as a firewall
> and a dhcp server and provides the students with ssh/scp access to their
> home directories.
> The one major problem I'm having involves using Symantec Ghost 7
> Enterprise edition to image the Windows 2000 clients in the labs. I
> won't spend too much time explaining how this works, as only those
> familiar with Ghost will likely have any suggestions or care to read on.
> What happens is: when Ghost 7 Console re-images a client machine, it
> attempts to re-add it to the domain using a name and password given to
> Ghost when it is installed. This user exist on the Samba-PDC server, and
> has permission to create domain accounts.
> When the freshly imaged client machine comes back up, with the correct
> name and thinking it is in the correct domain, it gives an error of,
> roughly, "Failed to join domain. Bad parameter". I hit "ok" and the
> machine reboots. When the client comes up again, it still thinks it is
> in the domain. If I attempt to login to the domain, it says roughly,
> "Unable to logon to domain. Computer account is nonexistant or password
> is wrong". Of course, all of these machines already have accounts on the
> Samba-PDC server.
> The solution, up to this point, has been to remove each machine from the
> domain, reboot, put each machine back into the domain, providing a name
> and password for the samba-pdc that can do that, and reboot again. You
> can see how this could get old with 100 clients.
> I have seen Ghost 7 successfully put machines back into a domian that is
> run by a Win2K server, so it is not purely a matter of Ghost being
> broken.
> Questions you might be able to help me with:
> 1. How is Ghost attempting to re-add these machines to the domain? If it
> is attempting to use user manager for domain style commands, I know that
> Samba-PDC does not support that. If it is doing something else, what is
> that?

SAmba PDC 2.2.x support most of them, nut you must have a user root in smbpasswd that maps on the system root to do that (use a different root password than the system one)

> 2. Is Samba logging the attempts by Ghost to rejoin these machines to
> the domain? If so, where?

Probably, depends on your log level.
If you give ghost the root user and passwor it will be probably able to readd
your machines. We are working to give capabilities to other users to do these tasks.

> 3. Is anyone doing this successfully? In other words, is it just me/my
> server?

> 4. Does anyone have any solutions/work-arounds for getting Ghost 7 and a
> Samba-PDC to play nice -- besides moving to a Win2K Server and just
> using the Samba machine as a file server?
> Any help or thoughts are much appreciated.

for details, read the docs and the archives

Simo Sorce       idra at
Samba Team

More information about the samba-ntdom mailing list