Draft #2: Re: [patch] net ads join rework

Gerald (Jerry) Carter jerry at samba.org
Wed May 10 07:39:21 GMT 2006

Hash: SHA1

Gerald (Jerry) Carter wrote:
> Gerald (Jerry) Carter wrote:
>>> The points of interest are
>>> * net_ads_join() uses same rpc mechanisms as net_rpc_join()
>>> * Enable CLDAP queries for filling in the majority of the
>>>   ADS_STRUCT->config information
> Just a little clarification on this point.  If you look
> at the version of ads_connect(), you will see that the
> TCP LDAP session is avoided entirely if the ads->auth.flags
> field has ADS_AUTH_NO_BIND set.  This is intential since
> a lot of time we just need and AD DC and the TCP/389
> session is unnecessary overhead.
>>> * Remove ldap_initialized() from sam/idmap_ad.c and
>>>   libads/ldap.c
>>> * Remove some unnecessary fields from ADS_STRUCT

Here's a new draft that fixes 'net ads join' when 'disable
netbios = yes'.

Using the old code:

  $ net ads join  -U lizard%test -d 0
  ads_add_machine_acct: Host account for zero already exists -
    modifying old account
  ads_join_realm: ads_add_machine_acct failed (zero):
   Insufficient access
  ads_join_realm: Insufficient access

but with the new code:

  $ bin/net ads join  -U lizard%test -d 0
  Using short domain name -- BOOKS
  Joined 'ZERO' to realm 'BOOKS.PLAINJOE.ORG'

btw...I had the wrong protocol specifier in the
my bzr tree URL.  The correct URL is


cheers, jerry

Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: net_ads_join_v2.patch
Type: text/x-patch
Size: 494 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20060510/dc05f164/net_ads_join_v2.bin

More information about the samba-technical mailing list