Joining a domain with samba4 when the user exists?

Brad Henry j0j0 at
Sat Oct 15 18:06:13 GMT 2005

Volker Lendecke wrote:

>Without the attached patch I can not successfully join a NT4 domain with Samba4
>when the machine account already exists. The join is correctly executed on the
>DC, but net refuses to store the credentials in secrets.ldb because the join
>function returns NT_STATUS_USER_EXISTS. Is there a particular reason for this
>behaviour? Does net have to deal specially with this situation, or is it a
>misbehaviour of libnet_Join?
Hi Volker,

The behavior you're seeing in libnet_JoinDomain() was intentional. 
libnet_JoinDomain() is returning NT_STATUS_USER_EXISTS because that's 
what it recieved from dcerpc_samr_Createuser2(). 
libnet_Join_primary_domain() is exiting immediately after it calls 
libnet_JoinDomain(), as it didn't return NT_STATUS_IS_OK.

I'm wondering if perhaps we should keep libnet_JoinDomain() returning 
NT_STATUS_USER_EXISTS for this case, but allow 
libnet_Join_primary_domain() to add the record to secrets.tdb.

How does that sound? I would be happy to code up a patch to get this right.


More information about the samba-technical mailing list