[Samba] Problems joining a domain with a large number of DCs

[Eric Diven]

> On Tue, Nov 04, 2008 at 05:59:25PM -0500, Eric Diven wrote:
> > I'm having issues joining samba to a domain with a large number of 
> > domain controllers.  The domain is a mixed windows
> 2003/windows 2008
> > domain.  The samba server is Solaris 10 update 5 running on SPARC.
> > 
> > I have a custom samba build of samba 3.0.28 on the server
> because we
> > need Tobi Oetiker's samfs patch.  Because of the issue that version 
> > has with passwords longer than eight characters on Solaris,
> I've also
> > build samba 3.0.24 for using net to join the domain.
> 
> You might want to use the latest git checkout of 3-0-test, for example

> available via
> 
> http://repo.or.cz/w/Samba.git?a=snapshot;h=af33c8b3521564c;sf=tgz
> 
> as there have been fixes for the server affinity cache during join.
> 
> Volker
> 

Volker, thanks.  I'll take a look at that and see if it works.  To
clarify, is the issue in net in 3.0.24, and I can resolve my problem by
using only net from the git snapshot.  Or will I need to apply the Tobi
patch to the snapshot and use that build in its entirety?

Also, if I go to that build, it looks like the 8 character password bug
(https://bugzilla.samba.org/show_bug.cgi?id=4866) is still in the
re-opened state.  I'll try it, but if it's still an issue, the domain
policy prevents using passwords as short as 8 characters.  I was looking
yesterday for instructions on how to join a machine to a domain without
having to enter the admin password.

My impression (probably incorrect) is that this can be done by creating
the machine account in AD before trying to join the machine, but I've
been unable to actually find any info about how to then get samba
joined.

Thanks again,

~Eric

(Volker, sorry for the duplicate email, I hit the wrong reply the first
time)