Re: Samba/Winbind join domain requires password at every reboot?

Tobias Skytte wrote:
Robert Harris skrev:

If you don't have to authenticate yourself to the domain when you
reboot, then how can the domain be sure who you are?

You have to store a password somewhere!

Robert

Well, in Windows once you join the domain you don't have to enter the admin password at every reboot, and if you change the admin password in the PDC then all the machines don't have to be re-joined, so once they are joined they are joined forever. Why should this behaviour be different under linux?
The main prob, is 1) I have to put the PDC admin password in plain text in a script, and 2) if the admin password changes then the script has to be changed and 3) why should it be different under linux than under windows?

I'm not certain how you've set up Samba, but AD is just the MS implementation of Kerberos and LDAP. Each machine needs its own account. (In Kerberos, each machine is a principal.) When the machine boots, it logs in to the Windows domain (Kerberos realm) as itself, not as a person. This is before any human (who would also be a principal) ever tries to log in on the client. So...

Do you have an account for the machine under Computers in Users and Computers (LDAP)? And, if you do, why are you logging the client machine in as the (domain?) administrator instead of as itself? Or maybe you keep creating a machine account over and over and over and over and ... which *would* use the domain admin account, but you should only have to do it once ever.

Just some ideas for you.
.

Relevant Pages

  • Re: Samba/Winbind join domain requires password at every reboot?
    ... I have set up samba to join a windows domain (and everything works ... So the question is why is this necessary at every reboot? ... want to leave the admin password in some script. ...
    (comp.os.linux.networking)
  • Administrator Password
    ... Q321305 How to Log On to Windows XP If You Forget Your ... Reboot to Safe Mode, select Administrator, leave password ... that will let you reset the password of any account on ...
    (microsoft.public.win2000.security)
  • Re: Samba/Winbind join domain requires password at every reboot?
    ... Well, in Windows once you join the domain you don't have to enter the admin password at every reboot, and if you change the admin password in the PDC then all the machines don't have to be re-joined, so once they are joined they are joined forever. ... Do you have an account for the machine under Computers in Users and Computers? ...
    (comp.os.linux.networking)
  • Re: User "ASP.NET Machine A"?
    ... The Welcome to Windows screen appears when you start Windows XP ... after you install the .NET Framework 1.1 ... What is the ASP.NET Machine Account? ... | The only software I installed since my last reboot was the .net Framework ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: XP admin account hacked?
    ... Log in to any account that has Administrator access. ... Windows XP Home: ... If you are using Windows XP Pro and have encrypted data, ... Correct me but I> understand the admin password could not be changed by> anyone except me. ...
    (microsoft.public.windowsxp.security_admin)