Hello, I am sorry, I was not clear enough. I am not planing to add the SAMBA server to the domain as a Domain Controller, I would like to add it to the domain as a domain member. How ever, when I try to join the domain when pointing my SAMBA machine to a Microsoft Read Only domain Controller I fail with the error I have mentioned (when pointing to a normal Domain Controller this work, how ever in the planned implementation I might have access only to Microsoft RODC's for joining the domain). Should this work? Best Regards, Hagai
--- On Sun, 6/6/10, hagai yaffe <[email protected]> wrote: From: hagai yaffe <[email protected]> Subject: Can SAMBA work with 2008 R2 Read Only Domain controller To: [email protected] Date: Sunday, June 6, 2010, 6:12 PM Hello, We are planing to utilize Microsoft 2008 R2 Read Only Domain controller, and deploy RODC's in branches. If I would like to have SAMBA servers in those branches, will I be able to add them to the domain (using "net ads join") and work with them, when using the RODC's as domain controllers configured in my smb.conf & krb5.conf? I have looked around and did not find any documentation for SAMBA supporting / not supporting this. I have done some testing and failed (I got "Failed to join domain: failed to connect to AD: Decrypt integrity check failed Ok" from the "net ads join" command), before investing more time in troubleshooting I hoped that someone could assist and tell me if such a configuration is possible. If this is not possible, it would be great to know why. Best Regards, Hagai -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
