[Samba] NT domain computer account
rafal at zorro.isa-geek.com
Tue May 17 16:01:17 GMT 2005
Curiosity killed the cat, but...
I've been reading samba sources and I can't quite figure out what
'features' of UNIX account is required for 'workstation account' (as in
The furthest I coud get to pin-point the requirements, is the pdbedit
source (source/utils/pdbedit.c), where we have two functions:
1) new_used(*context, *name, *full_name, *home, *drive, *script, ...);
2) new_machine(*context, *name);
Both will create relevant LN/NT passwords as they complete their tasks.
Apart from that, 'user' *must* access server-host filesystem, so it
definitely needs UID/GID recognized by host kernel. 'machine' doen't
need that, true?
Apparently, the 'ultimate DB editor' (the pdbedit) - suitable for any
database backend is capable of creation of a correct machine account
based on machine *name* alone. Presumably, no other attributes matter.
And since it's not the 'machine', but rather 'logged-in user' that
touches files on samba server system - one does not need a 'machine'
uid/gid there, does it?
Or may be the 'machine entity' does in fact touch server filesystem?
Could some kind soul point me to a relevant fragments of samba source
tree or some www FAQ, where I could find those details.
My question actually is: what is the complete list of attributes, that a
machine account needs on server host to serve it's purpose. Currently
I've identified only:
1. name (machine name, string, ends with a dolar sign)
2. LM/NT passwords hashes.
For a 'machine account' I cannot see any purpose for arrtibutes like:
e) uid (host user ID)
(still, those attributes show up after "pdbedit -a -m -u NEW-PC").
Thenx in advance
More information about the samba