Joining a domain with samba4 when the user exists?
abartlet at samba.org
Sat Oct 15 20:12:30 GMT 2005
On Sat, 2005-10-15 at 12:06 -0600, Brad Henry wrote:
> Volker Lendecke wrote:
> >Without the attached patch I can not successfully join a NT4 domain with Samba4
> >when the machine account already exists. The join is correctly executed on the
> >DC, but net refuses to store the credentials in secrets.ldb because the join
> >function returns NT_STATUS_USER_EXISTS. Is there a particular reason for this
> >behaviour? Does net have to deal specially with this situation, or is it a
> >misbehaviour of libnet_Join?
> Hi Volker,
> The behavior you're seeing in libnet_JoinDomain() was intentional.
> libnet_JoinDomain() is returning NT_STATUS_USER_EXISTS because that's
> what it recieved from dcerpc_samr_Createuser2().
> libnet_Join_primary_domain() is exiting immediately after it calls
> libnet_JoinDomain(), as it didn't return NT_STATUS_IS_OK.
> I'm wondering if perhaps we should keep libnet_JoinDomain() returning
> NT_STATUS_USER_EXISTS for this case, but allow
> libnet_Join_primary_domain() to add the record to secrets.tdb.
> How does that sound? I would be happy to code up a patch to get this right.
Sorry about this,
I was intending that this be the behaviour. I think 'net join' should
be able to report that the join was a 're-join', keyed off that status
return. Feel free to knock up a patch (it should probably report what
type of account we are currently joined as too).
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051016/35e49d35/attachment.bin
More information about the samba-technical