3

Joining a Linux host to Windows AD is widely documented. However, I struggle to find any guides or best practices on how to join Linux clones that were already members of the domain.
Naturally, things start to break due to the identical SIDs. I cannot use 'net ads unjoin' as this would remove the original SID from the domain...

Shane Madden
Sergei
  • Clone the machine before you join the domain. – Zoredache Mar 13 '12 at 18:58
  • Unfortunately this is not applicable in my case. We are testing a disaster recovery plan and I am given VMs that have been backed up as images and recovered as a part of the exercise. This is not my DR plan - for our DR plan we have a bubble network that would prevent problems like mine happening ... – Sergei Mar 13 '12 at 19:42

1 Answer

5

This should answer your question:

Active directory with duplicate machine SIDs

Duplicate SIDs don't matter (for non domain controllers.)

edit: To clarify - each machine will be given a new RID as it is joined to the domain, regardless of what its local SID is. A RID will never be re-used, ever, regardless of the member server being a clone.

Ryan Ries
  • I thought so as well. Just now I successfully broke domain join for the original host while joining a clone. – Sergei Mar 13 '12 at 16:30
  • Do they have different hostnames? – Ryan Ries Mar 13 '12 at 16:31
  • Yes, I have changed /etc/hosts, /etc/hostname and /etc/smb.conf, rebooted and then attempted to join. I will double check another join with another host tomorrow. – Sergei Mar 13 '12 at 16:37
  • Seems like it was a network issue plus bad luck. The host has been deleted from AD shortly after I joined it. After the network team fixed connectivity I could join the hosts without any problems. – Sergei Mar 17 '12 at 13:22