Joining a domain with samba4 when the user exists?
j0j0 at riod.ca
Sat Oct 15 18:06:13 GMT 2005
Volker Lendecke wrote:
>Without the attached patch I can not successfully join a NT4 domain with Samba4
>when the machine account already exists. The join is correctly executed on the
>DC, but net refuses to store the credentials in secrets.ldb because the join
>function returns NT_STATUS_USER_EXISTS. Is there a particular reason for this
>behaviour? Does net have to deal specially with this situation, or is it a
>misbehaviour of libnet_Join?
The behavior you're seeing in libnet_JoinDomain() was intentional.
libnet_JoinDomain() is returning NT_STATUS_USER_EXISTS because that's
what it recieved from dcerpc_samr_Createuser2().
libnet_Join_primary_domain() is exiting immediately after it calls
libnet_JoinDomain(), as it didn't return NT_STATUS_IS_OK.
I'm wondering if perhaps we should keep libnet_JoinDomain() returning
NT_STATUS_USER_EXISTS for this case, but allow
libnet_Join_primary_domain() to add the record to secrets.tdb.
How does that sound? I would be happy to code up a patch to get this right.
More information about the samba-technical