[Samba] Machine trust accounts in /etc/passwd

Ronald Jore ronald at it.usyd.edu.au
Thu Feb 7 17:32:03 GMT 2002

Newbie alert!

Hi there,

I would like to setup our samba server so that users known to the 
server can login to Win2k clients without having a local account on 
those machines in the first place, i.e. authenticate against the 
 From the excellent online documentation I learnt that I would have to 
setup samba to act as PDC first so I set out to do this.

The one thing which really gives us problems here is that every 
machine needs a local unix account and that the machine's "trust" 
account name needs to contain a '$' character.
Because of the special meaning of '$' for shell scripts and regular 
expressions this would potentially break all sorts of stuff we are 
currently using to maintain our accounts.

Is there any way to setup samba as PDC
  - by either using machine trust accounts without any special characters, or
  - without creating an /etc/passwd entry for each machine altogether 

BTW: I found the following quote at 

Because Samba requires machine accounts to possess a UNIX uid from 
which an Windows NT SID can be generated, all of these accounts must 
have an entry in /etc/passwd and smbpasswd. Future releases will 
alleviate the need to create /etc/passwd entries.

Can anyone tell me for which release this is planned to be the case?



More information about the samba mailing list