Vasco Silva
2016-Oct-18 13:57 UTC
[Samba] Joining Samba workstation as a Domain Member - Which is the correct way?
Hi everyone, In my environment I am running a Domain Controller, on ubuntu 16.04, samba v 4.11. My doubt is now on joining workstations to this domain. I was adding joining the command "samba-tool domain join...", however, I found in the samba page: https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member a note to don't use samba-tool: " The domain join *_A note on provisioning_:*A Domain Member_must not_be provisioned by using "samba-tool"! This would setup an AD DC on your Domain Member with some parts turned off and writes to sam.ldb instead of passdb.tdb. Don't use this way to join, to avoid unwanted side effects! The Domain Member provisioning option will be removed in the future. The following command will join the host to the domain and automatically register/update its DNS record: " Which one is the correct way to join? Samba-tool or net ads join? I was convinced that samba-tool was correct! The help shows explicity the option to join as Domain member: samba-tool domain join Usage: samba-tool domain join <dnsdomain> [DC|RODC|MEMBER|SUBDOMAIN] [options] Could anyone please clarify this doubt? Which are the differences between the comands? Thank you. Kind regards, Vasco Silva
Sketch
2016-Oct-18 14:28 UTC
[Samba] Joining Samba workstation as a Domain Member - Which is the correct way?
On Tue, 18 Oct 2016, Vasco Silva via samba wrote:> My doubt is now on joining workstations to this domain. I was adding joining > the command "samba-tool domain join...", however, I found in the samba page: > https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member a note to > don't use samba-tool:samba-tool is for domain controllers. To join member servers (including workstations), use "net ads join".
Rowland Penny
2016-Oct-18 14:36 UTC
[Samba] Joining Samba workstation as a Domain Member - Which is the correct way?
See inline comments: On Tue, 18 Oct 2016 14:57:49 +0100 Vasco Silva via samba <samba at lists.samba.org> wrote:> Hi everyone, > > In my environment I am running a Domain Controller, on ubuntu 16.04, > samba v 4.11. > > My doubt is now on joining workstations to this domain. I was adding > joining the command "samba-tool domain join...", however, I found in > the samba page: > https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member a > note to don't use samba-tool: > " > > > The domain join > > *_A note on provisioning_:*A Domain Member_must not_be provisioned by > using "samba-tool"! This would setup an AD DC on your Domain Member > with some parts turned off and writes to sam.ldb instead of > passdb.tdb. Don't use this way to join, to avoid unwanted side > effects! The Domain Member provisioning option will be removed in the > future. > > The following command will join the host to the domain and > automatically register/update its DNS record: > > > " > > Which one is the correct way to join? Samba-tool or net ads join? >Use 'net ads join'> I was convinced that samba-tool was correct! The help shows explicity > the option to join as Domain member: > > samba-tool domain join > Usage: samba-tool domain join <dnsdomain> [DC|RODC|MEMBER|SUBDOMAIN] > [options] >Yes, I know it says that, but the domain member you get that way is just a faulty part DC. Rowland