[Samba] Removing requirement for local machine accounts

[Buchan Milne]

> Message: 7
> Date: Wed, 8 Jan 2003 09:32:22 -0700
> From: Dan Peterson <danp at danp.net>
> To: samba at lists.samba.org
> Subject: Re: [Samba] Removing requirement for local machine accounts
> 
> Bruno Gimenes Pereti <pereti at ump.edu.br> wrote:
> 
>>> add user script = sudo /usr/sbin/adduser -n -g machines -c Machine -d 
>>> /dev/null -s /bin/false %m$
> 
> 
> Unfortunately, this is where the headache comes from. We rsync necessary
> password files (both system and samba) to many FreeBSD and Linux machines
> every few minutes.

You may want to consider using LDAP instead?

> These are generated from a PostgreSQL database which we'd
> rather not clutter with extra accounts if possible. So, that's why I'd like
> each samba instance to just do whatever it needs to do to let machines think
> they've joined the domain without caring about system and samba accounts.

Well, I don't know about making the machines think they have joined the
domain (they have password, which they need to access the domain), but
you may want to look into using one of the _nua (no user account)
backends in samba3.

But, then you would need to sync whatever files contain the machine
accounts. You may rather just want to implement LDAP (there may even be
a postgres backend for ldap, which will probably only allow you to
migrate to LDAP) instead, will simplify your whole setup and provide
more features.

Buchan

-- 
|--------------Another happy Mandrake Club member--------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7