[Samba] Why need to add a machine account to /etc/passwd first with Samba+LDAP

Andreas Hasenack andreas at conectiva.com.br
Thu Mar 10 21:20:33 GMT 2005

On Thu, Mar 10, 2005 at 12:56:26PM -0800, Steve Zeng wrote:
> Hi,
> I am using Samba 3.0.10 PDC with LDAP as password DB. Before we use 
> smbpasswd as passwd DB and every time I need to add a machine account 
> into /etc/passwd so that the mahcine can join the domain. My 
> understanding for LDAP is, this step is not needed any more since we 
> will put all machine account into "ou=Computers". But I am proved to be 
> wrong.

Putting machine accounts into ou=Computers works just fine provided:
- smb.conf is configured to look into that branch
- nss_ldap is also configured to go into that branch

Regarding nss_ldap, you can point it either at the top of your tree, so
that it can reach both ou=Computers and ou=People using a subtree
search, or specify nss_base_passwd twice: once for ou=Computers and once
for ou=People.

More information about the samba mailing list