Web lists-archives.com

Re: [Samba] Howto set/reset/reaad computer account password with samba-4.9.x examples?

Hi Oliver,

Le 01/16/2019 à 10:03 PM, Oliver Rath via samba a écrit :
Hi list,

I want to perform a domain join of a computer to a given machine account
with reusing it, not overwriting. For this I think, it is the right way
(for a unattend.xml) to use the <machinePassword> described here:

in the new feature list of samba 4.9.x is written "The 'samba-tool
computer' command allow manipulation of computer accounts including
creating a new computer and resetting the password. This allows an
'offline join' of a member server or workstation to the Samba AD domain."

There has been a thread on the samba-technical mailing list about djoin.exe et al. You may take a look at it :


You'll need both a way to create/reset the account (and get the clear text shared secret), then re-inject it on the domain member in the secrets.tdb file.



Unfortunatly I dont find any example for

  * resetting the password (the "setpassword" from user command doesnt
    work, maybe simply --password?)
  * creating a computer with a given machine password (maybe simply
    --password,too ?)
  * reading the machine password from AD (there i found some old variant
    which didnt work, tested with Win81-clients)
  * perform an offline join with a previously given/read-from-ad machine

Is this possible, some examples anywhere?



Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0)

Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba