Differences between version 9 and predecessor to the previous major change of SambaAsPDC.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 9 | Last edited on Monday, February 24, 2003 9:27:01 am | by DanielLawson | Revert |
| Older page: | version 8 | Last edited on Sunday, October 13, 2002 11:04:49 pm | by PerryLorier | Revert |
@@ -43,6 +43,31 @@
Now that this is done, tweak your left nipple, touch your right knee, and pray to Allah, boom shanka, working Samba PDC.
!!Problems, and solutions:
+!Win2k Joining the Domain
O.k. just did this on a Windows 2000 machine, and had the problem that after joining the domain I could still not log on and got "Initialization failed because the requested service redirector could not be started." in the win2k event log. After some chatting on IRC it has been revealed to me that you will need a further reboot to get the thing working. Which for me seemed to fix it.
There is a related TechNet article http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q262348&
+
+
+!WinXP Pro Joining the Domain
+
+Note that this was performed using WinXP Pro and a Samba 3.0 PDC with LDAP backend. YMMV.
+Also note that you *cannot* get WinXP Home to join a domain. At all. Ever.
+
+[IBM|http://www.ibm.com/servers/esdd/tutorials/samba/samba-a4.pdf] have some information on this.
+
+In summary:
+
+You follow the normal procedure for joining a NT-class machine to the domain (ie, create machine accounts etc). However, before you try to join the XP machine to the
+domain, do the following:
+
+1. Open the Local Security Policy editor (Start -> All Programs -> Administrative Tools -> Local Security Policy).
+2. Locate the entry "Domain member: Digitally encrypt or sign secure channel (always)". Disable it.
+3. Locate the entry "Domain member: Disable machine account password changes". Make sure it's disabled as well.
+4. Locate the entry "Domain member: Require strong (Windows 2000 or later) session key". Disable it.
+5. Next, apply the RequireSignOrSeal registry patch
+6. Now join the domain the same as you would for Windows NT or 2000. Right-click My Computer, select Properties, Computer Name, and Change. Or click the Network ID button and run the Network Wizard.
+
+And voila, it all works.
+
+XP handles domain stuff differently to the previous OSs. Amongst other things, it always wants to synchronise offline files, which is a pain.
