> If it must "join" the domain why doesn't Samba try join the domain > automatically (if it's not already joined) using the credentials of > the first user who tries to map a drive?
Probably because a normal user trying to map a drive isn't a Domain Admin, and generally only Domain Admins can add computers into domains. I think you misunderstand the purpose of joining a domain. You don't join with specific credentials (e.g. a user mapping a drive), you use a domain admin's credentials to add Samba into the domain, which means from that point forward Samba is "allowed" to ask the domain to check passwords instead of doing so itself. This is greatly simplified, but until Samba is a member of the domain you'll usually be prompted for a password. > It appears to me that I must "net join" the domain from the Samba > server for this to work. Is this correct? Are there alternatives? There's no need. If I understand the process correctly, once you've added Samba to the domain (while logged in as a Domain Admin) Samba creates its own login name and password (a 'machine' account.) From this point on Samba logs in with these credentials whenever it needs access to the domain - anything from getting a list of users to checking whether the supplied password is correct. Actually there is one alternative, that of specifying a "password server", however IMHO joining a domain is a 'cleaner' solution, even if it requires a bit more work. > My problem is that this "net use" command requires some manual > intervention (entering a password for a domain user) that we'd rather > avoid. Once you've successfully joined the domain this will work the way you expect (assuming Samba/winbind is configured correctly.) Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
