[Samba] Re: secretly replacing a windows domain client with samba

[Joerg Lenneis]

Benjamin Adler:

> Hello!
> I have a problem: I work in a company which is strictly windows-only, and
> I really need to replace a windows-xp machine - which is a member of the
> company's domain - with a linux machine (using samba).

> This new linux machine will have to upload backups of its data to a share
> within the domain. Thus, it needs to be a member of the domain (correct?).

> Obviously, I need to join the linux-box to the domain without the
> domain-admins knowing, and thats where my problems start.

> If I understood correctly, every machine in the domain has a machine trust
> account (MTA) on the PDC. The MTA's username is the clients' NETBIOS
> machine name with a "$" appended, and the password is set to a random
> value by the client when first joining the domain.

> That way, one cannot just replace a machine thats member of the domain
> with another machine. The domain-admins would have to reset the MTA's
> password, so that the new machine can join.

> Since I cannot ask the domain-admins to do just that, I'm looking for a
> way to extract this machine password - which, to my understanding, is
> still stored on the old winxp-client - and use it in samba (samba stores
> that in the secrets.tdb, right?).

> Now my question: Have I understood the problem correctly? If yes, what can
> I do, is there a way to extract the machine password? Has anyone ever done
> this?

> I *think* that the PDC is a windows NT 4 machine, but I'm not sure. I DO
> have a valid user account for the domain, but it doesn't have any special
> privileges (like being domain admin :)


[...]

You have it slightly backwards: Samba is an SMB/CIFS file *server*,
not a client, so all deliberations about secrets.tdb do not
apply. There is a Linux client filesystem implentation available
(smbfs) but that will not allow you to join a domain.

best regards,

-- 

Joerg Lenneis

email: lenneis at wu-wien.ac.at