Rowland Penny
2023-May-22 08:39 UTC
[Samba] Usage of '--domain-guid' parameter of 'samba-tool domain provision'
On 21/05/2023 22:29, Olivier MARTIN via samba wrote:> As I said in my last email, my intention was to not have to regenerate > the domain controller certificate as explained here: > https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login#Get_the_Domain_Controller.27s_GUID_with_script when I re-provisioned the same domain (in my test environment). The domain controller certificate requires its GUID. > > But I mixed "Domain GUID" and "Domain Controller GUID". And I was hoping > by passing a known GUID to "samba-tool domain provision", I will be able > to re-use my domain controller certificate without having to regenerate > a new one everytime I re-provision my domain in my test environment. But > what is passed to "samba-tool domain provision" is the "domain GUID" - > not the "domain controller GUID". >I understood that, what I didn't understand and what I actually asked was : Why do you need to recreate your AD DC domain environment ? Rowland
Olivier MARTIN
2023-May-22 08:56 UTC
[Samba] Usage of '--domain-guid' parameter of 'samba-tool domain provision'
I am testing my deployment Ansible script that create a AD DC domain environment. Every time I relaunched my script it recreates an AD DC with the given parameters (always the same domain parameters) On 22.05.23 10:39, Rowland Penny via samba wrote:> > > On 21/05/2023 22:29, Olivier MARTIN via samba wrote: >> As I said in my last email, my intention was to not have to >> regenerate the domain controller certificate as explained here: >> https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login#Get_the_Domain_Controller.27s_GUID_with_script >> when I re-provisioned the same domain (in my test environment). The >> domain controller certificate requires its GUID. >> >> But I mixed "Domain GUID" and "Domain Controller GUID". And I was >> hoping by passing a known GUID to "samba-tool domain provision", I >> will be able to re-use my domain controller certificate without >> having to regenerate a new one everytime I re-provision my domain in >> my test environment. But what is passed to "samba-tool domain >> provision" is the "domain GUID" - not the "domain controller GUID". >> > > I understood that, what I didn't understand and what I actually asked > was : > > Why do you need to recreate your AD DC domain environment ? > > Rowland >
Maybe Matching Threads
- Usage of '--domain-guid' parameter of 'samba-tool domain provision'
- Usage of '--domain-guid' parameter of 'samba-tool domain provision'
- Usage of '--domain-guid' parameter of 'samba-tool domain provision'
- Usage of '--domain-guid' parameter of 'samba-tool domain provision'
- Usage of '--domain-guid' parameter of 'samba-tool domain provision'