[Samba] LDAP: add machine script required?

Nick Urbanik nicku at vtc.edu.hk
Sat Aug 23 00:31:28 GMT 2003 

Nick Urbanik wrote:

> Dear Folks,
>
> Thanks again Jerry.
>
> "Gerald (Jerry) Carter" wrote:
>
> > On Thu, 21 Aug 2003, Nick Urbanik wrote:
> >
> > > If I use sambaSamAccount with samba 3.0.0 RC1, do I need to define an
> > > add machine script?  I want to be able to add machines to the domain
> > > as simply as possible (i.e., "automatically").  So is an add machine
> > > script needed, or does samba contain code to create the accounts
> > > itself?
> >
> > Yes.  3.0 no longer defaults to using the 'add user script' to create
> > machine accounts.  See the WHATSNEW.txt
>
> Thanks, yes, I read that many times in the past, and before mailing to
> this list have tried to understand when ldapsam_add_sam_account() in
> samba-3.0.0rc1/source/passdb/pdb_ldap.c gets called and what it will do if
> a machine account does not exist, or whether an add machine script is
> required.
>
> So what _should_ the add machine script do with an ldapsam backend based
> on sambaSamAccount?
>
>    * Create the entire entry complete with sambaSamAccount, account
>      objectClasses?  Or
>    * Create the entire entry complete with sambaSamAccount, account and
>      posixAccount objectClasses?  Or
>    * just create a posixAccount for the machine?  Or
>    * just create an account placeholder entry to be filled in by
>      ldapsam_add_sam_account() in samba-3.0.0rc1/source/passdb/pdb_ldap.c?
>
> As I mentioned earlier, the man page is not so clear (to me):
>
>   add machine script (G)
>       This is the full pathname to  a  script  that  will  be  run  by
>       smbd(8)  when a machine is added to it's domain using the admin-
>       istrator username and password method.
>
> ====> This option is only required when using sam  back-ends  tied  to
> ====> the  Unix  uid method of RID calculation such as smbpasswd. This
>       option is only available in Samba 3.0.
>
> My question is simply what should the add machine script do (now that you
> have clarified that I need one)?

Just a rough, approximate pointer to an answer would be great.  I know this
list is full of questioners and not many answerers, and now is flooded by
silly virus notifications.

--
Nick Urbanik   RHCE                               nicku(at)vtc.edu.hk
Dept. of Information & Communications Technology
Hong Kong Institute of Vocational Education (Tsing Yi)
Tel:   (852) 2436 8576, (852) 2436 8713          Fax: (852) 2436 8526
PGP: 53 B6 6D 73 52 EE 1F EE EC F8 21 98 45 1C 23 7B     ID: 7529555D
GPG: 7FFA CDC7 5A77 0558 DC7A 790A 16DF EC5B BB9D 2C24   ID: BB9D2C24

More information about the samba mailing list