creating accounts in ldap with smbpasswd?

paul paul at
Sat Jul 26 21:11:29 GMT 2003

Lars Grobe wrote:
> Hi! 
> It is getting quite complicated... I am just setting up 
> a ldap server that is to hold our user accounts. Those 
> are to be used a authentication for our windows (via samba 3), 
> solaris and mac os x clients. afaik I should use the new 
> samba 3 schema, right? I suppose that all tools dealing with 
> samba accounts that will be developed in future will use 
> the new schema. However, all existing tools are for 2.2 schema. 
> What are you using to maintain your account databases? 
Scripts. Write a few wrappers around pdbedit and smbpasswd use the hooks 
(add user skript, add machine script...) in smb.conf and you' re gone.

> I read that smbpasswd handles everything to create accounts in 
> ldap. Does this mean it creates posix and samba accounts? 
Not the posix stuff.
> ask this as I also read that accounts are needed in /etc/passwd,
sigh, samba doesn't care if your users are in LDAP or /etc/passwd if 
your NSS-modules are configured correctly, so it's your choice.

> but this doesn't make sense - I don't want accounts in ldap AND 
> passwd. Will smbpasswd -a create all data necessary for an unix 
> account (home, password, shell, id etc) AND all the special samba 
> stuff (nt-password, logondrive etc)? 
No, it only adds the SambaSAMAccount attributes, the posixAccount has to 
exist prior to running smbpasswd.

> I hope this question is not too stupid, but I want to jump into 
> the ldap adventure now that samba comes closer to 3.0... and 
> our new file server is waiting to get into production :-) 
Good luck ;)

> TIA+CU, Lars. 

More information about the samba-technical mailing list