[Samba] net offline domain join
Stefan Kania
stefan at kania-online.de
Sun Jan 5 13:48:45 UTC 2025
I tried it again, this time directly on a Linux-client. I got:
--------------
root at client01:~# net offlinejoin provision -U administrator%Passw0rd
domain=example.net machine_name=win11b savefile=provisioning.txt
ads_print_error: AD LDAP ERROR: 19 (Constraint violation): 0000202F:
samldb: spn[HOST/client01.example.net] would cause a conflict
Failed to provision computer account: Invalid configuration ("netbios
name" set to 'CLIENT01', should be 'win11b') and configuration
modification was not requested
--------------
So I thought: Why is the command waiting for the client I try the
command. But let's test:
root at client01:~# net offlinejoin provision -U administrator%Passw0rd
domain=example.net machine_name=client01 savefile=provisioning.txt
Successfully provisioned computer 'client01' in domain 'example.net'
Heeee that was working, but why should I use the offlinejoin if I can do
it only on the client I want to join and STILL need the domain
adminstrator password on the client. Makes absolutely no sens at all. Th
djoin command I can (as Administrator) on any Windows-client create
several client files for different clients. Then copy the files to these
client and then the lokal administrator can joiin the client WITHOUT the
domain administrator password.
If that's the way the "net offlinejoin" command should work, then it's
totally useless. And by the way the manpages is telling:
-----------
SAVEFILE is an optional parameter to store the generated provisioning
data on disk.
-----------
That's wrong, you need the file to copy it to a client to join the
client into the domain. But that is showing me, that the offlinejoin is
wrong.
Am 04.01.25 um 20:56 schrieb Stefan Kania via samba:
>
>
> Am 04.01.25 um 18:59 schrieb Stefan Kania via samba:
>> Hi
>>
>> I try to user the offline domain join. As the manpage of net told me
>> in an example I tried it with:
>>
>> root at cluster01:~# net offlinejoin provision -U administrator
>> domain=example.net machine_name=WINCLIENT11a dcname=dc01
>> savefile=winclient11a.txt
>>
>> But all I got was:
>>
>> ads_print_error: AD LDAP ERROR: 19 (Constraint violation): 0000202F:
>> samldb: spn[HOST/cluster.example.net] would cause a conflict
>> Failed to provision computer account: Invalid configuration ("netbios
>> name" set to 'CLUSTER', should be 'WINCLIENT11a') and configuration
>> modification was not requested
>>
>> can someone give me a tip how to use the offliendomain join
>>
>> Domain= example
>> DNS-domain = example.net
>> Domaincontrolle = dc01
>> new-client-to-join= win11a
>> savefile = win11a.txt
>>
>> Stefan
>>
> When doing the same on a Windows client:
> H:\>djoin /provision /domain example.net /machine win11a /savefile
> win1a.txt
>
> it works
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20250105/4acd85f8/OpenPGP_signature.sig>
More information about the samba
mailing list