[Samba] Can't re-add NT box to domain

[Craig White]

On Fri, 2004-03-26 at 14:10, Chris Garrigues wrote:
> While I wait for an answer to my last question, allow me to ask another.
> 
> When we upgraded a samba server from 2.x to 3.0.0-2mdk using LDAP, we managed 
> to change the domain SID.  Instead of fixing the SIDs on the sever, I re-added 
> the hosts to the domain.  Although it was a lot of work, it was successful on 
> most of the systems on the network.  However, we have one old NT4 box on the 
> network which will not rejoin the domain.  Instead it reports: "This computer
> name is already configured as a domain controller on the domain."
> 
> We've deleted and re-added the user object for the machine several times.  
> This is what it currently looks like:
> 
> [root at Border samba3]# pdbedit3 -u ntbox$ -v
> Unix username:        ntbox$
> NT username:          ntbox$
> Account Flags:        [           ]
> User SID:             S-1-5-21-3970570929-2603547963-1902127304-2152
> Primary Group SID:    S-1-5-21-3970570929-2603547963-1902127304-513
> Full Name:            nt computer
> Home Directory:       \\border\ntbox_
> HomeDir Drive:        U:
> Logon Script:         login.bat
> Profile Path:         \\border\profiles\ntbox_
> Domain:               BORDERENT
> Account desc:         
> Workstations:         
> Munged dial:          
> Logon time:           0
> Logoff time:          Mon, 18 Jan 2038 21:14:07 GMT
> Kickoff time:         Mon, 18 Jan 2038 21:14:07 GMT
> Password last set:    0
> Password can change:  0
> Password must change: Mon, 18 Jan 2038 21:14:07 GMT
> 
> I'm suspecting that the old SID is cached on the NT box somewhere, probably in 
> the registry, but I have no idea where to look.  Any ideas?
----
samba can't operate as a DC in conjunction with Windows based DC's -
With samba 3.0 -> 3.0.3pre1 - you can have multiple samba BDC's with a
samba PDC but in no other fashion.

Perhaps that is targeted for the future - but it is not possible in the
present.

Craig