Populate Samba's secrets database using offline domain join (!58) · Merge requests · realmd / adcli

Samuel Cabrero requested to merge scabrero/adcli:scabrero-samba-odj into master Sep 06, 2023

The samba integration --add-samba-data is broken when Samba's secrets database does not exist because the net changesecretpw command requires some preexisting keys (https://bugzilla.samba.org/show_bug.cgi?id=13577).

To ease the integration with external programs that provision the computer account on their own Samba has now the net offlinejoin composeodj command (https://gitlab.com/samba-team/samba/-/merge_requests/3248). It takes a number of parameters and produces an offline domain join (ODJ) blob, consumed by net offlinejoin requestodj to join the machine offline and populate the secrets database.

This command will be available in next samba 4.20 and will be backported to 4.19 and 4.18.

I open this draft MR to start the review process and be ready to merge it as soon as the samba versions are released.

Edited Sep 06, 2023 by Samuel Cabrero

Admin message

Populate Samba's secrets database using offline domain join

Merge request reports