[Samba] Joining a domain controller with a conflict name

[Ephi Dror]

Hi Andrew,

Thanks Andrew for your reply.

I was not quite understood one thing.

Did you mean that "Yes", there is a way to prevent joining a domain with
using  another server name or did you mean "Yes" that IT must make sure
the name is unique and no computer with this name is already part of
this domain when joining a domain.

If you meant Yes, there is a way to prevent joining a domain controller
with someone else name, how do we contact the domain we want to join and
ask it to give us the list of computers in the domain or ask it if a
particular computer is already in the list.
Also, if a computer XYZ is already in the domain, I think the domain
controller has no way to know if this computer is still alive and so on.

I know it is not a big deal for the computer that its trust with the
domain has been stolen by another computer to rejoin and gain access to
the domain but if it does it, guess what, he will make the other
computer loose its trust with the domain. 
So if two computers try to keep on using the same name when joining a
domain, they will keep on making the "other" computer rejoining so they
both will keep on rejoining all day.

Cheers,
Phi

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Wednesday, April 13, 2005 3:52 PM
To: Ephi Dror
Cc: samba at lists.samba.org
Subject: Re: [Samba] Joining a domain controller with a conflict name

On Wed, 2005-04-13 at 15:40 -0700, Ephi Dror wrote:
> Hi All,
>  
> Is it a way to prevent joining a domain with a netbios name that 
> already used by other domain member?.

> Is it the responsibility of the IT person to make sure the name is 
> unique?

Yes.  Otherwise it would not be possible to simply 'rejoin' the domain
when a server is rebuilt, for example.

Andrew Bartlett
 
-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net