Req root to join domain w/ W2K

[Jason Coene]

Kevin,

I brought this up last night. It appears that group mapping code is being
currently developed to specify users who can join a Win2k machine to a
domain.

I will be pursuing this issue, as its of large importants for those who use
Win2K and Samba in production enviroments.


Regards,

Jason

-----Original Message-----
From: samba-ntdom-admin at lists.samba.org
[mailto:samba-ntdom-admin at lists.samba.org]On Behalf Of Kevin G. Currie
Sent: Thursday, May 10, 2001 4:27 PM
To: samba-ntdom at lists.samba.org
Cc: samba-techical at lists.samba.org
Subject: Req root to join domain w/ W2K



Why exactly does joining a domain from a Windows 2K box require the root
password for the Samba server (or the root account at all for that
matter)?

I understand that you're trying to automate creation of accounts
with samba on a unix machine, but frankly, I'm not going to touch that
with a 20 foot poll.

If I have setup the machine accounts in /etc/passwd and smbpasswd ahead of
time by hand, why can't a domain admin add machines to the domain?  Giving
out the root password (even if it is different in smbpasswd) is _NOT_ an
option at our sight.  What needs to be done to get around this if the
account entries are pre-made?  How can I help (IOW, where should I start
looking and what should I know ahead of time about the code)?

Kevin Currie



--
phew, for a minute there i lost myself.