This glosses over John's problem at SambaXP 2003. When we want to join

a NT4 domain as a BDC with an existing workstation account (existing
bdc is fine), we fail. Print a friendly error message in this case.

The correct solution would probably be to delete the account and try
again. But even this makes us better than NT: NT4 fails in this
situation with an empty warning message box and an unusable BDC. It
has unsuccessfully tried to suck down the domain database, and thus
has no administrator account to log in after reboot....

Volker

diff --git a/source/utils/net_rpc_join.c b/source/utils/net_rpc_join.c
index ebb0b4dcebfeeab4b54712992dd9f89951139bb6..e8fa39ec92d02cb7ffd728c08247cad56c7fe31d 100644 (file)
--- a/source/utils/net_rpc_join.c
+++ b/source/utils/net_rpc_join.c
@@ -317,9 +317,23 @@ int net_rpc_join_newstyle(int argc, const char **argv)
 
        /* ensure that schannel uses the right domain */
        fstrcpy(cli->domain, domain);
-       CHECK_RPC_ERR(cli_nt_establish_netlogon(cli, sec_channel_type, 
-                                               md4_trust_password),
-                     "Error in domain join verfication\n");
+
+       result = cli_nt_establish_netlogon(cli, sec_channel_type, 
+                                          md4_trust_password);
+
+       if (!NT_STATUS_IS_OK(result)) {
+               DEBUG(0, ("Error domain join verification: %s\n\n",
+                         nt_errstr(result)));
+
+               if ( NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) &&
+                    (sec_channel_type == SEC_CHAN_BDC) ) {
+                       d_printf("Please make sure that no computer account\n"
+                                "named like this machine (%s) exists in the domain\n",
+                                global_myname());
+               }
+
+               goto done;
+       }
 
        /* Now store the secret in the secrets database */