RSS
Server Side: CentOS 5.4 (x86_64) + Samba 3.4.3
Client Side: Windows 7 Enterprise (32-bit / 64-bit) or Windows Server 2008 R2 Enterprise, both RTM
You can do it, but you need to change registry values on the client side.
Without configurations listed below, Windows 7 or Server 2008 R2 clients cannot join to Samba domains (the error message will be: "The specified domain either does not exist or could not be contacted").
Run these commands as the Administrator:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DomainCompatibilityMode /t REG_DWORD /d 1 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DNSNameResolutionRequired /t REG_DWORD /d 0 /f
Now clients can join to Samba-based domains. After successfully joinning to a domain, you will see the message saying "Changing the Primary Domain DNS name of this computer to '' failed". Actually this error doesn't affect the domain function itself, so just ignore the message.
After restarting the computer (as you usually do after joinning to a domain), users can log on to the client computer. If you encounter the error ("The trust relationship between this workstation and the primary domain failed") while logging on, make sure that your PDC (and all BDCs if exists) has the same SID as the domain SID. You can check your SID by running the following command on the server side:
Client Side: Windows 7 Enterprise (32-bit / 64-bit) or Windows Server 2008 R2 Enterprise, both RTM
You can do it, but you need to change registry values on the client side.
Without configurations listed below, Windows 7 or Server 2008 R2 clients cannot join to Samba domains (the error message will be: "The specified domain either does not exist or could not be contacted").
Run these commands as the Administrator:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DomainCompatibilityMode /t REG_DWORD /d 1 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DNSNameResolutionRequired /t REG_DWORD /d 0 /f
Now clients can join to Samba-based domains. After successfully joinning to a domain, you will see the message saying "Changing the Primary Domain DNS name of this computer to '' failed". Actually this error doesn't affect the domain function itself, so just ignore the message.
After restarting the computer (as you usually do after joinning to a domain), users can log on to the client computer. If you encounter the error ("The trust relationship between this workstation and the primary domain failed") while logging on, make sure that your PDC (and all BDCs if exists) has the same SID as the domain SID. You can check your SID by running the following command on the server side:
# net getdomainsidIf SIDs are different between the local machine and the domain, change the local machine SID to the domain SID. In the above example, you can accomplish this by:
SID for local machine SMBPDC is: S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-123456789
SID for domain SMBDOMAIN is: S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-987654321
# net setlocalsid S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-987654321Now these two SIDs should have the same value:
# net getdomainsid# Japanese translation of this article is here.
SID for local machine SMBPDC is: S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-987654321
SID for domain SMBDOMAIN is: S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-987654321
Comments