Archive for March, 2006
I fielded a call recently from someone who was having trouble joining a set of Macintosh workstations to the domain in his SBS-based network. He had followed the instructions on this blog as well as in the SBS 2003 Unleashed book, but was still having issues.
We went through the usual suspects: DNS (configured correctly, got lookups from AD just fine), SMB signing (able to access shares on the server with no hccups), and the Directory Access configuration. No matter what he tried, when he clicked the Bind button in Directory Access to join the domain and entered the administrator username and password, Directory Access would get to step 3 of the process and give a password error.
I asked if he was using any special characters in the Administrator password, and that’s when he told me that the Administrator password was blank. As soon as we set the Administrator password to something other than blank, the Mac joined the domain immediately.
This is not the first time I’ve run across network encounters that break when there is no password on the Administrator account. I didn’t ask if he was using a blank password while setting up the system, or if they use a blank Administrator password as normal practice. Bottom line, the password on your Administrator account shoudl be the most complex and most secure password on the network. This is the account that hackers will try first when attempting to compromise security on your network, and an empty password is one of the first that they will attempt to use.