Unable to join Win2k Pro SP2 to Samba 2.2.2 PDC
Gerald (Jerry) Carter
jerry at samba.org
Thu Jan 10 00:55:33 GMT 2002
On Wed, 9 Jan 2002, Phil Chambers wrote:
> Section 8.4.1.tells you how to create machine trust accounts manually!
> That document does not say you can't use that for W2k.
I think there is some confusion between manual account creation
(smbpasswd -a -m MACHINE) and the "on-the-fly" method (add from the client
using an admin account). The difference is really what happens at a
protocol level.
When you join a domain using the on-the-fly method, Win2k (or NT4)
uses the admin account to connect to the server and then uses that
password as a session key for communication.
* The add user script is only called if smbd cannot obtain a uid
for the machine account.
* The on-the-fly way of joining a domain does not use the
well known initial password for the machine account (NT hash
of the machine's netbios name in lower case letter).
I think the latest version of the HOWTO (in 2.2.2) explain this
a little better in the past. Hope it helps.
chau, jerry
---------------------------------------------------------------------
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
-- http://www.plainjoe.org
"Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--
More information about the samba
mailing list