Hello, We've encountered an issue not previously seen in our environment. We join our Linux machines (most are Oracle Enterprise Linux 6.x or 7.x) to an Active Directory domain. We do this by using Samba/Winbind. When joining a Linux host, we create the computer account in AD ahead of joining the computer to the domain. This ensures the computer account is created in the sub-OU we need it in. Historically, this has worked without issue.
We recently noticed that this behavior has changed. Now, when we join a Linux host to the domain after creating its computer account, it is moved to the default computers OU in the domain. This is not where we want it to be located. This does not happen when Windows hosts are joined. When we run 'net ads join' with debug output, the following line is seen: "The machine account was moved into the specified OU." A Google search indicated this is coming from Samba code. The version of Samba we are using is 4.4.4-12. The samba-winbind version is the same. Was functionality to move the account to the default computers OU added or has it historically been in Samba? If it has, is anyone aware of what functionality in AD could have changed to produce this behavior? I realize this is a Samba support list but I'm curious to know if someone may be familiar enough to render a guess. I am not an AD administrator and am at a loss. Thank you, Matt Thompson Assistant Managing Director TOSM Enterprise Systems Texas Tech University System (806) 834-3646
