[Samba] PDC Machine Trust Accounts
Andrew Bartlett
abartlet at samba.org
Tue Nov 25 22:39:12 GMT 2003
On Wed, 2003-11-26 at 08:29, Ben Davis wrote:
> I read in the Samba HOWTO Collection that every machine in the domain
> needs to have a corresponding UNIX account. Does this mean whenever I
> add a machine to the network, I must create a UNIX account for each
> one?? Am I supposed to create Unix accounts for my users as well?
> Doesn't this defeat the purpose of using a centralized authentication
> backend such as LDAP or MySQL?
Correct, you must create unix accounts for all your users, and all your
machines. However, this does not defeat the purpose of central
authentication databases, as it does not specify how the unix accounts
are created. For LDAP installations, it it typical to have the
posixAccount attributes on the same ldap entry as the sambaSamAccount,
and to use nss_ldap to 'create' them into unix.
There is a nss_mysql module out there, I think, but LDAP is the standard
way of doing this.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20031126/fa9c7934/attachment.bin
More information about the samba
mailing list