
halo14 11-01-2004 10:45 AM

Can linux join (as a client) Windows 2000 domain??
I have been googling all over the place... and as far as I can tell... the answer is: no, no it can't.... It seems that it will tease you with things that appear as though it should... but in the end... it just won't...

If anyone knows how to do this I would be forever indebted...

Here is my exact situation...

I work in a mid-size network environment (strictly Windows right now)

We have several Windows 2000 Server domain controllers with Active Directory...

I am trying to get us to slowly start moving the way of Linux... first on desktops though.. and also as our intranet server...

I am running a notebook with RHEL 4 beta on it... (I was also running RHEL 3 WS before this) And I cannot for the life of me.. figure out how to join Active Directory.... If ANYONE can help PLEASE DO!

hkb33 11-01-2004 08:38 PM

This is specific to Samba 3, earlier versions may operate differently.

After configuring your /etc/samba/smb.conf and your /etc/krb5.conf files, enter the following command:

net ads join -UAdministrator

You will then be prompted to enter the domain administrator’s password. The domain name used will be what you set the workgroup = field to in your smb.conf. To verify that you have joined successfully, look for the server in your directory controller’s server manager.

hkb33 11-01-2004 08:40 PM

Other stuff to look out for...this has been a nagging problem in RHEL 3 but it might be fixed in 4:

If your Windows 2000/2003 Active Directory (AD) Domain Controller (DC) is functioning in Mixed mode, it is recommended that you join your Samba server to the domain in RPC mode. The RPC (Remote Procedure Call) mode of domain membership is the "NT4" style of domain membership and works quite well with Windows 2000/2003 DC's, so long as the DC is still operating in Mixed Mode (which is the default mode).

ADS (Active Directory Services) mode is the other option for joining a Samba server to a 2000/2003 domain.

At this time, avoid joining a Samba server to a Windows 2000 or 2003 Domain Controller in ADS mode. There are known compatibility problems with Microsoft's proprietary implementation of Kerberos and LDAP in AD and the versions of the MIT Kerberos packages available for Red Hat Enterprise Linux 3 systems.

While you may be successful in initially joining a domain in "ADS" mode, it is a known issue that eventually the domain controller will start issuing Kerberos tickets that the Samba server cannot understand. This has been known to take as long as three months to occur, but once it starts happening, the Samba server will not be able to function properly on the domain. At this point, the only options available for re-joining the Samba server to the domain are:

* To remove the Samba server from the domain (on the Windows domain controller), reconfigure the Samba server to be an RPC-type member of the domain, and rejoin the domain in RPC mode.

Note: A 2000/2003 DC must be functioning in Mixed Mode to be able to join a Samba server to the domain in RPC mode.


* If the DC has already been changed to operate in Native mode, unfortunately, the only option is to rebuild the DC.

Since Mixed Mode is the default mode of operation, the system administrator would have to choose to set a 2000/2003 DC into Native mode for it to be functioning this way. Once a DC has been set to Native mode, the only way to get it back to Mixed mode is to rebuild the domain controller.
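The two membership modes discussed in the replies above, shown as the smb.conf settings that select them. This is an added example, not part of any post in the thread; the domain name EXAMPLE, the realm EXAMPLE.LOCAL and the host dc1.example.local are constructed placeholders.

```ini
# /etc/samba/smb.conf (Samba 3), [global] section only.
# smb.conf has no inline comments, so every comment sits on its own line.
# Keep exactly ONE of the two variants active.

[global]
    # The join commands use this value as the domain name
    # (NetBIOS / pre-Windows 2000 form).
    workgroup = EXAMPLE
    encrypt passwords = yes
    password server = dc1.example.local

    # Variant A: RPC ("NT4"-style) membership.
    # Requires the DC to be running in Mixed mode.
    security = domain

    # Variant B: ADS membership (Kerberos + LDAP).
    # realm must match default_realm in /etc/krb5.conf, in upper case.
    # Uncomment these two lines and remove "security = domain" above.
;   security = ads
;   realm = EXAMPLE.LOCAL

# After editing:
#   testparm                          check the file for syntax errors
# Variant A:
#   net rpc join -U Administrator     join the domain
#   net rpc testjoin                  confirm the machine account works
# Variant B:
#   net ads join -U Administrator
#   net ads testjoin
```

Running the matching testjoin command periodically gives early notice if the machine account stops authenticating, which is the failure described for ADS-mode joins on RHEL 3.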
