[Samba] Changes to userPassword attribute in LDAP for machine accounts

Dariush Forouher dariush at forouher.de
Sun Aug 10 19:42:34 GMT 2003

Am Son, 2003-08-10 um 19.49 schrieb Bernhard Czech:
> Hi,
> does Samba-3.0.0beta3 still requires the posixAccount object for machine 
> accounts?

Unless you use winbind, yes (Which doesn't make much sense when you're
already using LDAP & nss-ldap).

> If so does Samba or any program called by Samba change the userPassword 
> attribute for machine accounts?

Samba has an option 'ldap passwd sync', when set samba will update
userPassword whenever the two samba hashes are updated, too.

> If no posixAccount object is required for machine accounts and there is 
> a userPassword attribute from a differnt Object, does Samba or a program 
> called by Samba change the userPassword attribute?

Just checked this here: If there is no userPassword attribute in the
entry, samba won't create a new one (at least not with machine trust


More information about the samba mailing list