[Samba] Re: Removing requirement for local machine accounts

Jim jcllings at tsunamicomm.net
Thu Jan 9 05:47:00 GMT 2003

Couple of things.

1.  Isn't it true that if you kept your Linux and Samba user accounts in 
an LDAP database that this issue would disappear? You could use both the 
posixAccount and sambaAccount object classes and the system would check 
for a user and viola! There is one already there and it is literally the 
same one!  This is something I am currently implementing however I am 
having some trouble getting the database structure right.

Herb Lewis wrote:
> "Bradley W. Langhorst" wrote:
>>>It would also be nice if there was a way to alias all the system machine
>>>accounts into one system account (and, for that matter, the samba machine
>>>accounts into one samba account) and have samba do magic to keep what it
>>>needs seperated out somewhere I don't have to worry about (Is this kind of
>>>stuff in secrets.tdb?).
>>the aliasing idea can't work because each machine must have its own
>>password(it's updated automatically every x days)
> This is not strictly true. The machine passwords are kept in the file
> smbpasswd not in /etc/passwd. You could hack smbpasswd to always create
> machine accounts with a fixed UID. Then you only need one account in
> /etc/passwd with this UID instead of one account for each machine.

More information about the samba mailing list