[Samba] LDAP: add machine script required?
Markus Amersdorfer
markus.amersdorfer at aon.at
Sat Aug 23 08:07:20 GMT 2003
On Fri, 22 Aug 2003 07:59:13 +0800
Nick Urbanik <nicku at vtc.edu.hk> wrote:
> My question is simply what should the add machine script do (now that
> you have clarified that I need one)?
I wrote a "create-machine-account.sh" for Samba 2.2
( http://homex.subnet.at/~max/ldap/index.php#samba-join-windows ).
Summary of its actions:
* Get the necessary data to be able to connect to the LDAP-server.
(The script uses settings in pam_ldap.conf and ldap.secret for this.)
* Next, it finds the highest uidNumber of any already existing
machine-account.
* If necessary, it creates the group "machines". This group will be the
group of all machines.
* It checks if the machine-account already exists. If so, it exits.
* If everything went fine until here, it creates the Linux-account.
* Afterwards, it makes this new entry a full Samba-Machine-Account using
smbpasswd -a -m.
You will have to adapt this to work with Samba 3.0 (probably change
attributes from sambaAccount to sambaSamAccount and similar stuff, but I
don't know Samba 3.0 yet).
Cheers,
Max
--
The first time any man's freedom is trodden on, we're all damaged.
<Cpt. Picard, "The Drumhead", StarTrek TNG>
http://homex.subnet.at/~max/
More information about the samba
mailing list