David Mulder
2021-Nov-04 14:53 UTC
[Samba] Using samba-tool to join a linux file server to the domain doesn't appear to work
On 11/4/21 8:47 AM, Patrick Goetz via samba wrote:>> No! No, you don't. It's way better to have one way to do things, but > have it work correctly.? There's nothing wrong with > > ? net ads leave > > other than it doesn't take care of cleaning up DNS. >What you don't see under the hood, is that there *is* only one way of doing it. samba-tool domain join member is just calling net ads join, and samba-tool domain leave (the command I'm just now adding), just calls net ads leave. The point was, that the samba-tool command to join was confusing, since it never actually worked. So I pointed it to net ads join (using python bindings to the actual c call that net ads join makes). Adding these samba-tool commands eliminates the confusion, and prevents having 2 'correct' ways of doing it, since they call the same exact code paths. -- *David Mulder* Labs Software Engineer, Samba SUSE 1800 Novell Place Provo, UT 84606 (P)+1 801.861.6571 dmulder at suse.com <http://www.suse.com/>
David Mulder
2021-Nov-04 14:57 UTC
[Samba] Using samba-tool to join a linux file server to the domain doesn't appear to work
On 11/4/21 8:53 AM, David Mulder via samba wrote:> > What you don't see under the hood, is that there *is* only one way of > doing it. samba-tool domain join member is just calling net ads join, > and samba-tool domain leave (the command I'm just now adding), just > calls net ads leave. The point was, that the samba-tool command to join > was confusing, since it never actually worked. So I pointed it to net > ads join (using python bindings to the actual c call that net ads join > makes). > Adding these samba-tool commands eliminates the confusion, and prevents > having 2 'correct' ways of doing it, since they call the same exact code > paths. >I guess I should point out that this is only *mostly* true. The samba-tool domain join member command allows you to specify the join domain from the command line (and puts it in your smb.conf). With net ads join, you had to add this to your smb.conf manually. So the samba-tool command is slightly different. -- *David Mulder* Labs Software Engineer, Samba SUSE 1800 Novell Place Provo, UT 84606 (P)+1 801.861.6571 dmulder at suse.com <http://www.suse.com/>
Patrick Goetz
2021-Nov-04 14:59 UTC
[Samba] Using samba-tool to join a linux file server to the domain doesn't appear to work
Interesting. Then I'm really confused as to why when I use
samba-tool domain join $domain MEMBER -U administrator
The DNS A entry for the machine isn't created, but when I use
net ads join -U administrator
it is. (same domain, same host joining)
On 11/4/21 09:53, David Mulder via samba wrote:> On 11/4/21 8:47 AM, Patrick Goetz via samba wrote:>
>> No! No, you don't. It's way better to have one way to do
things, but
>> have it work correctly.? There's nothing wrong with
>>
>> ?? net ads leave
>>
>> other than it doesn't take care of cleaning up DNS.
>>
>
> What you don't see under the hood, is that there *is* only one way of
> doing it. samba-tool domain join member is just calling net ads join,
> and samba-tool domain leave (the command I'm just now adding), just
> calls net ads leave. The point was, that the samba-tool command to join
> was confusing, since it never actually worked. So I pointed it to net
> ads join (using python bindings to the actual c call that net ads join
> makes).
> Adding these samba-tool commands eliminates the confusion, and prevents
> having 2 'correct' ways of doing it, since they call the same exact
code
> paths.
>