[Samba] Joining a domain
mmuehlfeld at samba.org
Tue Mar 10 15:13:17 MDT 2015
Am 10.03.2015 um 18:26 schrieb Chris Stankevitz:
> Please consider a scenario in which samba is sharing files and users
> provide their Active Directory usernames and passwords to log into to
> 1. Must "net join" be used?
If you want to join the domain, yes.
> 2. Under what circumstances will samba (and family) require an
> explicit "net join"?
What do you mean with "and family"?
> 3. What technically is happening when samba/computer "joins" the domain?
There are thousands of sites describing, what happens when a computer
joins a domain.
In short: An account is created in the domain, that the computer uses to
authenticate against the domain to proof to be a member of the domain.
The computer automatically changes the machine accounts password
(default = every 30 days).
> 3a. Is a file added to the hard drive?
It's written into secrets.tdb for domain members. For DCs more happen in
the background, when joining the domain.
> 3b. Is the join "persistent" across reboots?
Yes. Otherwise you need some extra admins, re-joining all computers
every morning before users can start to work. ;-)
> 4. How can I tell is a samba server has been "joined" to the domain?
# wbinfo -t
can be use to check winbinds connection to a trusted DC.
> Chapter 10 of the Oreilly 3rd edition book describes domain
> membership, but it leaves me wanting to understand more. For example,
> "net join" has never worked well (generally spews some kind of
> complaint) but things still work.
Never had problems to join a Samba host yet. Examples?
More information about the samba