Deleting a Computer from the Webconfig means Computer can no longer be re-added to Webconfig
Migrated from: https://tracker.clearos.com/view.php?id=20201
Reported by: Nick Howitt
If you delete a Domain computer from the Windows Networking webconfig while it is still a Domain Member, it means that, even if it rejoins the domain, it will no longer show in the Webconfig.
This could be the scenario if one of your computers goes missing and you want to delete it from the Domain. If you then find it, you can re-add it but it will never show in the webconfig.
It appears that the computer is deleted in LDAP by the webconfig and pdbedit -L
comes up with nothing for the computer. In this state, when you re-join the Domain, Windows Networking does not show the computer although pdbedit -L
does. If you subsequently leave the domain, pdbedit -L
shows the computer with an id of missing from the bug report
and pdbedit -Lv
shows something like:
Unix username: BLACK$
NT username: BLACK$
Account Flags: [W ]
User SID: S-1-5-21-3307318640-3208748685-2086284823-20000003
Failed to find a Unix account for BLACK$
Primary Group SID: (NULL SID)
Full Name: BLACK$
Home Directory: \\myserver\black_
HomeDir Drive: U:
Logon Script: logon.cmd
Profile Path:
Domain: CLEARSYSTEM
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: never
Kickoff time: never
Password last set: Mon, 21 May 2018 14:03:05 BST
Password can change: Mon, 21 May 2018 14:03:05 BST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Note the two lines:
Failed to find a Unix account for BLACK$
Primary Group SID: (NULL SID)
At this point the only way to recover is to do a pdbedit -x BLACK$
which will allow you to rejoin.
It may be that the delete operation should be a pdbedit -x
operation rather than an LDAP operation.
Developer comment:
This may become a WontFix as we head towards 8.x if we drop NT4 style domains