On 21.Sept.2003, Ville Jutnik wrote : > The documentation that I found regarding this issue wasn't that good > - it didn't help me that much. Later on I managed to join the > win2k-domain after a lot of work
I've joined many Samba 2.2.x servers to our NT4 domain, and for us it all works just as documented in the "DOMAIN_MEMBER.html" document supplied in the Samba source distro : root# smbpasswd -j DOM -r DOMPDC -UAdministrator%password or, to avoid entering the password on the command line, omit the password part of the -U argument : root# smbpasswd -j DOM -r DOMPDC -UAdministrator which will cause a "password:" prompt. > Samba 2.* doesn't support AD (3.* does though) you have to make > sure that your PDC allows you to join the domain without using AD > (using NT-style trust relationship). Therefore I think that the server > has to be in something called "mixed" mode Erm - Active Directory "mixed mode" is required if you need to have a mixture of fully native ADS domain controllers and pre-Win2K domain controllers, but *not* AFAIK to allow ordinary member servers to participate in the "domain" ("tree", "forest", whatever). I'm just quoting what I've read - we have no W2K ADS here. However, I can well imagine that, as you describe, it's necessary to pre-create the member server accounts in the ADS, and mark them as "Allow pre-Windows 2000 computers to use this account". Interesting ... thanks for the pointer. > I was using samba-2.2.3a (debian package) If you need the cutting-edge Samba domain-management features then I strongly advise you don't do that - instead, use the Samba 2.2.8a Debian package available using this apt source line : deb http://people.debian.org/~peloy/samba/ woody main This is the latest Samba release, packaged for Debian Woody, rather than the functionally old Samba with security fixes applied ("backported"), that is officially part of Woody - and should work better for people with complex needs. It may be unofficial, but it's packaged by one of the Debian Samba package maintainers ... I found 2.2.8a gave us a better effect with "winbind" functionality. > I anyone has any clue about this I would be greatfull if he/she > could drop me a line Sorry, I have no idea why you have to run the second "-m" smbpasswd call in your scenario - maybe it's an ADS thing, or maybe it's a buggette in Samba 2.2.3a secure channels protocol handling ;-) Nick Boyce EDS, Bristol, UK -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba