[Samba] Redirecting the computer container doesn't work in Samba 4.8.5
Achim Gottinger
achim at ag-web.biz
Mon Sep 24 00:19:27 UTC 2018
Am 22.09.18 um 13:09 schrieb Kacper via samba:
> Hello,
>
> Changing "CN=Computers" to another OU doesn't seem to work correctly
> in Samba 4.8.5. Running redircmp or changing the wellKnownObject
> AA312825768811D1ADED00C04FD8D5CD to another OU worked in Samba 4.4 but
> now the Windows clients don't seem to respect that entry. They instead
> try to create their computer object under "CN=Computers" which they no
> longer have access to resulting in an Access Denied message during
> domain join.
>
> In the samba log one can clearly see that the windows clients are
> trying to create their computer accounts in the wrong container.
>
> Could this be a bug or did something change in the way this is handled?
>
> Regards,
> Kacper
> ---
>
> Ldif:
> dn: DC=mydomain,DC=test
> changetype: modify
> delete: wellKnownObjects
> wellKnownObjects:
> B:32:AA312825768811D1ADED00C04FD8D5CD:CN=Computers,DC=mydomain,DC=test
> -
> add: wellKnownObjects
> wellKnownObjects:
> B:32:AA312825768811D1ADED00C04FD8D5CD:My_Machines,DC=mydomain,DC=test
>
Can it be you have an syntax error in the add statement, using CN=My_Machines may work.
More information about the samba
mailing list