[Samba] add machine script almost succeeds

Dwight Tovey dtovey at emergecore.com
Wed Oct 12 15:25:21 GMT 2005

All -

I am in the process of writing my own "add machine script" to use with
Samba 3.0.20a  and our OpenLDAP setup.  For the most part it seems to work
fine.  If I run the script from the command line, I can see that the entry
has been added to LDAP.  If I then go to the Windows machine and tell it
to join the domain, after giving it the Admin login and password it
connects up with no problems.

So the next step was to configure Samba to use the script directly by
pointing the "add machine script" parameter in smb.conf to the script:

add machine script = /usr/local/bin/samba-addmachine %u

I restart Samba, then go to the Windows box (XP Pro) and tell it to join
the domain.  It asks for the Admin login and password, then after a minute
or so I get an error popup telling me "The user name could not be found." 
However, when I look in LDAP I can see that my script did run and add the
machine object as before.  If I go back to the Windows machine and again
tell it to join the domain, this time it succesfully joins the domain.

I do notice that after the join succeeds, the LDAP entry now has the
'sambaNTPassword' which my script does not set, and the 'sambaPwdLastSet',
'sambaLogonTime', 'sambaPwdCanChange', and 'sambaPwdMustChange' attributes
have been updated.  Everything else is the same as was set by my script. 
Do I need to have my script set the 'sambaNTPassword' attribute?  If so,
what to I set it to?  Or maybe I need to have it exit with some value?

I'm obviously missing some little detail.  Any pointers would be greatly


Dwight N. Tovey
email: dtovey at emergecore.com
Work to Live : Live to Ride : Ride to Work

More information about the samba mailing list