Red Hat Bugzilla – Bug 224091
Support creation of AD/NT domain computer accounts
Last modified: 2008-05-01 11:39:17 EDT
Description of problem:
Integration into existing Windows networks would be easier if we had a way to
create a computer account as part of the installation process. Right now this
needs to be done manually after the installation, using Samba's net command.
An interactive option at installation time or a kickstart option would be ideal.
The problem with the latter is that AD requires a valid Kerberos ticket, which
in turn means having someone entering a password so that their credentials can
be then passed around. This is not impossible to achieve (if the user can get
forwardable tickets); it mostly requires a mechanism to be established for this
kind of things. One option would be to pass the user ticket through the
kickstart server onto the machine being installed; another would be for the
account to be created by the kickstart server, which would then pass the
computer credentials. In either case, there would need to be a way to keep the
The above could be scripted somehow in the post-installation stage, but I have
the feeling that solving the problem once for all would be more effective than
having everyone reinvent the wheel again and again - poorly or at least in a
authconfig needs to be able to handle this before anaconda can even think about
it. We use authconfig pretty much everywhere for setting this stuff up.
Fedora apologizes that these issues have not been resolved yet. We're
sorry it's taken so long for your bug to be properly triaged and acted
on. We appreciate the time you took to report this issue and want to
make sure no important bugs slip through the cracks.
If you're currently running a version of Fedora Core between 1 and 6,
please note that Fedora no longer maintains these releases. We strongly
encourage you to upgrade to a current Fedora release. In order to
refocus our efforts as a project we are flagging all of the open bugs
for releases which are no longer maintained and closing them.
If this bug is still open against Fedora Core 1 through 6, thirty days
from now, it will be closed 'WONTFIX'. If you can reporduce this bug in
the latest Fedora version, please change to the respective version. If
you are unable to do this, please add a comment to this bug requesting
Thanks for your help, and we apologize again that we haven't handled
these issues to this point.
The process we are following is outlined here:
We will be following the process here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this
doesn't happen again.
And if you'd like to join the bug triage team to help make things
better, check out http://fedoraproject.org/wiki/BugZappers