UNIX/NT Account Creation Scripts?

Gerald Carter gcarter at valinux.com
Sat Jul 29 06:57:46 GMT 2000 

Lisa Becktold {CADIG STAFF} wrote:
> 
>          Does anyone have any scripts they use across UNIX and NT
>          to create user accounts?  I have access to rsh and
>          adduser.pl with the NT Resource Kit, so presumably I
>          could write a script on the UNIX side to create a user
>          account there, and then run "rsh adduser.pl" on the NT
>          server to add users there.  I'm sure someone has done
>          something better or more elegant, though.  Please pass
>          on any ideas or scripts you have used!

Lisa, I don't normally recommend books on mailing lists,
but there is an O'Reilly book on using Perl for cross
platform sysadmin work that's pretty good I think.
It covers user account management in a way that might be 
interesting to you.  It's by a guy named David Blank-Edelman
and the book is call "Perl for Systems Administration" or 
something like that.

>         .  I don't need an smbpasswd file.  
>         .  The passwords for the Unix user accounts and the NT user
>            accounts do NOT need to be sychronized
>         .  When a user on an NT workstation logs into the NT domain,
>            they are authenticated by the NT server.  However, they
>            are mounting their home directory from the UNIX Samba
>            server.  The user is NOT prompted for a Samba or Unix
>            password to mount the home directory.
>         .  Samba appears to look at the username in the 
> 	     Unix /etc/passwd table and extract the 
>	     proper home directory.
>         .  UID is not a consideration.  There is no 
>	     smbpasswd table, so Unix and smbpasswd UIDs 
>	     do not have to match.  And of course, the UIDs
>            between Unix and NT do not have to match.

Correct on all accounts.  And it will get easy when the winbind 
nss and pam modules are released in 3.0 (maybe 2.2.0 if we work 
really hard).

> My basic question is stated above, but I have an additional question
> about configuration stated here:
> 
>         1.  This seems too easy.  Is there some glaring error in this
>             configuration?  My smb.conf hasn't been customized much
>             yet.  Here it is:
> 
>                 netbios name = UNIX SAMBA SERVER
>                 workgroup = NTDOMAIN
>                 security = domain
>                 password server = NTSERVER
>                 encrypt passwords = yes
>                 os level = 0
>                 domain master = no
>                 local master = no
>                 preferred master = no
> 
>              I'm also offering up the [homes] share.

Looks good to me





Cheers,
jerry
----------------------------------------------------------------------
   /\  Gerald (Jerry) Carter                     Professional Services
 \/    http://www.valinux.com  VA Linux Systems    gcarter at valinux.com
       http://www.samba.org       SAMBA Team           jerry at samba.org
       http://www.eng.auburn.edu/~cartegw

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )

More information about the samba mailing list