27.2.12

Windows XP joins Samba 4 Domain

Many moons ago, I took delivery of 25 IBM black boxes. They came complete with dodgy power-on buttons, 256MB of RAM and they ran XP. The deal was buy 24, get one free. They lasted a day before getting virus ridden for the the rest of their microsoft lives. We installed SuSE 7 and updated from the 6-CD set at regular intervals. The boxes were thrashed to hell 12/6. There was to be a gap of over 10 years before we installed XP again. It would have been nice to use one of those old IBM's. Alas, we had to make do with Oracle VB.
1999. the IBM Intellistation
On the other side of the room is an Ubuntu machine running Samba4, DNS and NFS. Here is us dealing with the windows side of affairs.
XP installation on VirtualBox
There must be a reason for all this. Why install XP all these years on? Samba 4 is poised to seriously question the M$ monopoly on Corporate (and not so corporate) networks. Open Source Active Directory is here, and it's here now. But just what is Active Directory and how can we use our Linux workstations within it? Let's join the domain and have a look.
First failure to join the domain. CACTUS is our workgroup
hh3.site is our domain!
Irrefutable evidence that Microsoft is present
Next
Login as domain administrator, install Chrome and make it default
 Then grab the Microsoft Remote AD Tools
How do I get the thing on the Desktop?
Here you can see our Posix-ified  Domain group, debusers
Neat eh? AD without a microsoft server in sight. Go on, admit it. There were a few head scratching moments trying to join the domain. Like not setting DNS and forgetting how you log on to the domain rather than the computer iteself. Oh, and there were other failures too. Go on. Tell them. Admit it. Erm, OK. We have only Spanish keyboards and erm, well our password for Administrator wasn't accepted. But of course you don't see the password, do you. So we didn't know that when you think you ate typing MyP@s1wd you are actually typing MyP²s1wd. This makes Kerberos throw violent fits over on the KDC with all manner of threats about deception (or was it decryption?), not to mention bad language like arcfour-hmac-md5. Not a pretty site (geddit?!). You have been warned.