[Spacewalk-list] "net join" during Kickstart
James Hogarth
james.hogarth at gmail.com
Mon Dec 14 15:55:39 UTC 2009
Nothing by default as far as I can recall... but it has been a couple of
years or so now since I was sysadmin'ing windows servers and doing
*NIX/windows integration work.
You'll want a user delegated with the ability to join a computer to the
domain but given that the info for that would end up plain text in your
script it would be best if that user could do nothing but join to a
domain....
Have a look at http://support.microsoft.com/kb/324949 to see how to change
the default location for new users/computers so they can go to an OU by
default instead of a container. That way a GPO can be applied to them. That
GPO should be pretty restrictive... limit which user(s) can log in, limit
net access etc so that if someone gets the 'join domain' user information
they are very limited in what they can do after having joined the domain....
The computer can then be moved via your usual tools (AD, hyena, etc) to the
correct OU for that system...
That was the way I used to do it in win2k3R2 days.....
2009/12/14 Gerd Mueller <gerd.mueller at mikatiming.de>
> that sounds the way to look for. any tip about which gpo to use or how
> the user should be configured?
>
> Thank you
>
> Gerd
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20091214/4b810f9b/attachment.htm>
More information about the Spacewalk-list
mailing list