[Samba] method to simulate domain logon from a node?
This is a discussion on [Samba] method to simulate domain logon from a node? within the Samba forums, part of the Networking and Network Related category; I recently ran into a situation where a Samba upgrade apparently broke the machine records in the smbpasswd file, with ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-04-2008
|
|||
|
|||
[Samba] method to simulate domain logon from a node?
I recently ran into a situation where a Samba upgrade apparently broke
the machine records in the smbpasswd file, with the resulting symptom that domain logons on those computers would fail about 95% of the time. (A very strange symptom, how it worked sometimes is still a mystery to me.) Similarly, this would fail: % smbclient -L saf01 -U 'saf/mathog%(password)' session setup failed: NT_STATUS_LOGON_FAILURE Conversely this worked (user domain logon, directly to the domain master): % smbclient -L safserver -U 'saf/mathog%(password)' That told me that the user logon was ok, but there was some issue with interaction between the two machines. It is easy enough to pull the SID off one of the workstations. Is there some command that is the equivalent of the first command, but along the lines of: % smbclient -L safserver -test_machine SID To verify that the smbpasswd record is ok? Since I knew of no such command, I ended up futzing around with firewalls and such (which didn't help) before removing the client from the domain, deleting and readding the machine record, and adding the machine back to the domain, which seems to have fixed the problem. On a related note: Is there a .bat script or, better yet, remote method to induce a Windows machine to remove itself from a domain, reboot, add itself back, and reboot? I had to do that on 8 machines to get them all working again, and it was a major pain having to do this manually. Rebuilding the machine records in the smbpasswd file is always needed after cloning, and I can see this as being a major amount of work for a site with many, many clones machines. Thanks, David Mathog mathog@caltech.edu Manager, Sequence Analysis Facility, Biology Division, Caltech -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba 
|
|
09-04-2008
|
|||
|
|||
|
Re: [Samba] method to simulate domain logon from a node?
On Thu, Sep 04, 2008 at 08:31:04AM -0700, David Mathog wrote:
> Is there a .bat script or, better yet, remote method to induce a > Windows machine to remove itself from a domain, reboot, add itself > back, and reboot? I had to do that on 8 machines to get them all > working again, and it was a major pain having to do this manually. > Rebuilding the machine records in the smbpasswd file is always needed > after cloning, and I can see this as being a major amount of work for a > site with many, many clones machines. Thanks to Günther Deschner, Samba 3.2 contains bin/net dom join usage: net dom join <domain=DOMAIN> <ou=OU> <account=ACCOUNT> <password=PASSWORD> <reboot> Join a remote machine usage: net dom unjoin <account=ACCOUNT> <password=PASSWORD> <reboot> Unjoin a remote machine Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFIwATeUzqjrWwMRl0RAhh4AJ4+Imnyo2y7PcGJLx+DrM RjnOgLJACfV0lC Y7a7SO6ATnX7od6KHP8v4RI= =pG09 -----END PGP SIGNATURE-----
|
Linear Mode
