[Samba] Adding machines and machine based logins

Julian Pilfold-Bagwell jpb at bordengrammar.kent.sch.uk
Wed May 24 11:57:18 GMT 2006

Hi All,

I am hoping to set up machine based logins on our Samba server (3.0.21c/RedHat 
EL4). I have the following lines in the global section to my smb.conf: 

        add group script = /usr/sbin/groupadd %g
        delete group script = /usr/sbin/groupdel %g
        add user to group script = /usr/sbin/usermod -G %g %u
        passdb backend = tdbsam:/etc/samba/passdb.tdb
        add user script = /usr/sbin/useradd -m %u
        add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g \ 
machines %u

and use tdbsam as the password backend.

I've only just noticed though that any machine accounts that have been created 
during the first attachment to the domain in Windows are not coming out in 
the machines group. These machines have a primary group that is the same as 
the machine name and I don't want to change them in case it has an adverse 

So, the question here is that if i change the primary group of the machines 
from say machine1$ to machines will that affect anything when I change the 
login scripts e.g. from loginscript.bat to login.%m and will deleting the 
existing primary group of a machine affect the info stored in tdbsam.

Also, any ideas why 

        add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g \ 
machines %u

is not setting the machines group to machines?



J. Pilfold-Bagwell

Borden Grammar School

More information about the samba mailing list