[Samba] On the fly Machine accounts

Fri Aug 26 15:54:31 GMT 2005

I have been trying for 2 months to get my samba server to add machine
accounts 'on the fly"
I have added both of these to my smb.conf

 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
 add machine script = /usr/sbin/useradd -d /dev/null -g 102 -s /bin/false

Neither of these seems to do anything.

I have around 250 computers to add, so adding the machine accounts
manuelly isn't going to happen.

I've read the documentation that says i should be able to do this so i
know it can be done.
Anyone actually using samba in a production enviroment?
Do you have samba creating the Machine accounts on the fly?

Thanks

Here is my smb.conf file

# Global parameters
[global]
        workgroup = ETNET
        server string = Samba PDC
        password server = None
        passwd program = /usr/bin/passwd %u
        passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
        username map = /etc/samba/smbusers
        unix password sync = Yes
        log file = /var/log/samba/%m.log
        max log size = 5
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        printcap name = /etc/printcap
        add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
/bin/false -M %u
        add machine script = /usr/sbin/useradd -d /dev/null -g 102 -s /bin/false
        logon script = logon.bat
        domain logons = Yes
        os level = 64
        domain master = Yes
        dns proxy = No
        idmap uid = 16777216-33554431
        idmap gid = 16777216-33554431

[homes]
        comment = Home Directories
        path = %H
        valid users = %S
        read only = No
        browseable = No

[netlogon]
        comment = Network Logon Service
        path = /opt/samba/netlogon
        write list = @ntadmins

[research]
        comment = Research Dept Share
        path = /dept/research
        valid users = @research, @ntamins
        write list = @research, @ntadmins
        read only = No
        create mask = 0770
        directory mask = 0770
        browseable = No
        blocking locks = No

[production]
        comment = Production Dept Share
        path = /dept/production
        valid users = @users
        force group = users
        read only = No
        create mask = 0770
        directory mask = 0770
        dos filetimes = Yes

[producer]
        comment = Producers Dept Share
        path = /dept/producer
        valid users = @producer, @ntamins
        write list = @producer, @ntadmins
        read only = No
        create mask = 0770
        directory mask = 0770
        browseable = No
        blocking locks = No

[online]
        comment = Online Dept Share
        path = /dept/online
        valid users = @online, @ntamins
        write list = @online, @ntadmins
        read only = No
        create mask = 0770
        directory mask = 0770
        browseable = No
        blocking locks = No

[clearance]
        comment = Clearance Dept Share
        path = /dept/clearance
        read only = No

[finance]
        comment = Finance Dept Share
        path = /dept/finance
        read only = No

[engineer]
        comment = Engineer Dept Share
        path = /dept/engineer
        read only = No

[music]
        comment = Music Dept Share
        path = /dept/music
        read only = No

[post]
        comment = Post Dept Share
        path = /dept/post
        read only = No

[vault]
        comment = Tape Vault Dept Share
        path = /dept/vault
        read only = No

[IT]
        comment = IT Dept Share
        path = /dept/it
        read only = No

[printers]
        path = /tmp
        printable = Yes
        cups options = raw
        browseable = No