Home / server / Questions / 587480
In Process
rtacconi
Asked: 2014-04-09 05:31:41 +0800 CST

How to check if a computer have already joined a domain with Samba

  • 772

I am using this command to add a Linux boxes to Active Directory:

net ads join -U username%password

I have to make this command idempotent by checking the Linux box already exists in the domain. The command line help it is not useful.

I wonder if there is something like:

net ads search computer-name

I am using Samba 3

linux

2 Answers

  1. Use net ads testjoin:

    # net ads testjoin -k
Join is OK

    → This box is joined. Now remove it from the domain and testjoin returns -1:

     # net ads leave -k
Deleted account for 'DEADBEEF' in realm 'EXAMPLE.COM'
# net ads testjoin -k
Join to domain is not valid: NT code 0xfffffff6
# echo $?
255
    • 3

  2. You can use net ads dn 'queryhere' to search for a computer object.

    For example, I can use the following to find the "Nagios" linux server in the "Servers" OU of my domain:

    net ads dn 'CN=nagios,OU=Servers,DC=my,DC=domain,DC=com' cn -S DC_NAME -P -l

    The -P switch makes it use the computer account to do a lookup (computer must be joined to a domain for this to work) and -l gives more verbose information. If it fails, using -d 10 will show you why.

    • 2