John H Terpstra wrote:
Using the Users and Computers MMC adds the Samba computer object with a
different UserAccountControl attribute value than when you use "net ads
join". It used to be that the (apparent) default value of 4128 would
not allow auth-n with MD5. I just tested this (W2003SP1 and 3.0.14a)
and it now works with MD5. In other words, using the MMC to add the
computer object, then doing a "net ads join" (Modifying Existing
Object), now results in successful client auth-n - at least in this test
case. I have heard the same testimony from other sources. I would
still recommend adding the object with the "net ads join", and the
resulting UserAccountControl attribute value of 2166784.
On Monday 12 December 2005 02:22, Michael Billerbeck wrote:
On Monday 12 Decemver 2005 09:46, John H Terpstra wrote:
On Sunday 11 December 2005 15:51, Michael Billerbeck wrote:
Please point me at the specific reference in the HOWTO. I need to
understand what causes you concern.
in the Samba How-to I've read not to use the configuration wizard with
samba-3 when joining a domain.
Why that? Is there a problem?
Please help me to understand your concern. If the documentation is
I must correct of extend it.
In chapter 8.2.2 Joining a domain: Windows 2000/XP Professional (on page
131) point 4 says:
"Click the computer name tab. [...] Clicking the Network ID button will
launch the configuration wizard. Do not use this with Samba-3."
I was asking this because I used it also with Samba-3 and I would like to
know if there are some side effects when using it or why it is explicitly
Joining through use of this tool did not work with early releases of Samba-3.
Try it. Let me know if it works now.
PS: If you try the NetworkID Wizard, and it fails, reboot the Windows PC
before attempting to use the "Change" button. In the past, a failure when
usign the NetworkID wizard would hose up the Windows client so that it then
count not resolve the netbios name of the domain controller.
- John T.
To unsubscribe from this list go to the following URL and read the