[Samba] Samba / AD integration

Jeremy Allison jra at samba.org
Tue Aug 5 16:25:41 GMT 2008


On Tue, Aug 05, 2008 at 10:50:21AM -0500, Brian Foddy wrote:
> I have a quick question on hooking Samba to a large AD domain.   
> Following the excellent recipe at:
>
> http://wiki.samba.org/index.php/Samba_&_Active_Directory
>
> I see it states about half way down to join the machine to AD
>
> "Now to join your machine to the active directory. You will need the  
> user-name and password to a Domain Administrator account to do this. The  
> command you need to join the domain is net ads join -U sadwrn. This  
> should then ask you for a password, and print a domain join notice."
>
> Is this required to use a Domain Administrator account, or can any  
> normal user AD account be used?  I know AD doesn't allow anonymous  
> browsing, but can a normal non-admin account be used?  As I read through  
> it, I don't see any other special admin access required other the root  
> on the Linux machine.

Any account with the ability to join a machine to a domain can
be used. You only need this for the join operation, in daily
use no extra permission is needed (it acts the same way as a
Windows box in the domain).

Jeremy.


More information about the samba mailing list