Univention Bugzilla – Bug 30141
simple tool for automatic domain join
Last modified: 2013-03-26 09:14:27 CET
There should be a simple (even if slightly insecure) way to enable an automatic domain join during rollouts. Idea: Implementing a tool which defines join user and password in the image (somehow similar to ucc-image-root-password). Administrators can define a user for joining those images by adding the user to "Domain Admins" and activate the user only during rollouts. The main goal is to enable full non-interactive rollouts.
ucc-image-set-join-information in ucc-image-toolkit (1.0.1-2) asks for a username, password and domain name and puts this information into the specified image. The initram looks if information for an automatic join is available and reads the provided files for the information. After the join the files are removed. Remark: In my tests i found out that a user has to be in both groups 'Domain Admins' and 'DC Backup Hosts' if he wants to adds computers to the domain.
I modified the current desktop image and prepared it with ucc-image-set-join-information -i /var/lib/univention-client-boot/ucc-1.0-desktop-image.img so that the Administrator account and it's password was used. This led to a fully automatic build except confirmation of the partitioning. I've filed an additional bug to make the partition prompt easier to change: https://forge.univention.org/bugzilla/show_bug.cgi?id=30207
UCC 1.0 has been released: http://forum.univention.de/viewtopic.php?f=26&t=2417 http://forum.univention.de/viewtopic.php?f=54&t=2418 If this error occurs again, please use "Clone This Bug".