Metadata-Version: 2.1
Name: smbjoin
Version: 0.1.1
Summary: Offline Windows AD domain join tool for Samba
Home-page: https://github.com/ravenexp/smbjoin
Author: Sergey Kvachonok
Author-email: ravenexp@gmail.com
License: MIT
Keywords: ADS,Samba,TDB,Windows
Platform: UNKNOWN
Requires-Python: >=3.6
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: pycryptodome (~=3.10.0)
Requires-Dist: regipy (~=2.2.0)

Offline Windows AD domain join tool for Samba
=============================================

Implements a custom `smb-net-ads-join` utility, which performs the same
operation as `net ads join` Samba command, but works completely offline.

To join a Samba system to an AD domain it needs `SYSTEM`, `SECURITY` and `SAM`
registry hive files from a Windows system that is already joined to
the same domain.

Usage
-----

```
usage: smb-net-ads-join [-h] [-v] [-V] [-J] [-o FILE] DIR

positional arguments:
  DIR                   Windows registry hive files directory (e.g. '/Windows/System32/config')

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         print intermediate results and debug info
  -V, --version         show program's version number and exit
  -J, --json            generate 'secrets.json' file in place of 'secrets.tdb'
  -o FILE, --output FILE
                        generated 'secrets.tdb' file name and location
```

### Example invocation

Assuming that Windows drive `C:\` is mounted to `/mnt/windows/`:

```
$ smb-net-ads-join /mnt/windows/Windows/System32/config
Using short domain name -- DOMAIN
Joined 'HOSTNAME' to realm 'domain.company.com'
```

A new database file `secrets.tdb` is created in the current directory.

It must be placed into `/var/lib/samba/private/` and,
with an appropriate `smb.conf` configuration,
`winbindd` will run as if `net ads join` command was executed.

### Common errors

When the Windows machine is not joined to an ADS domain:

```
$ smb-net-ads-join /mnt/windows/Windows/System32/config
WARNING:smbjoin.cli:Registry hive access failed: Did not find $MACHINE.ACC at Policy
CRITICAL:smbjoin.cli:Extracting secrets failed: Machine account password key does not exist
error: Domain machine account data was not found in the registry
```


