[Samba] On Machine Accounts
abartlet at samba.org
Sat Sep 14 18:33:53 MDT 2013
On Fri, 2006-10-06 at 12:32 -0400, Yannick Gingras wrote:
> I have a few (~20) workstations dual booted with GNU/Linux and Windows
> XP. When configuration changes on these systems (about once a month)
> I deploy a full disk image with UDPcast . Unlike recent versions
> of Norton Ghost, UDPcast have no post-deploy option to change the
> machine name and/or trust account. Most of the time those systems are
> running on GNU/Linux and only occasionally will two of those be
> running Windows at the same time.
> : http://www.udpcast.linux.lu/
> The file server is a Debian GNU/Linux system running LDAP, NFS and
> Samba. Since I deploy new images often I would like to avoid any
> manual setup on each system. On GNU/Linux I can auto-detect the
> hostname early in the boot process and set it transparently. I
> haven't found a way to do that on Windows though. Authentication with
> Samba running as a PDC is working fine and pam is set to keep the
> GNU/Linux and Samba passwords in sync.
> The only part that annoys me with this setup is the machine accounts.
> Is the machine account. Is it possible to configure Samba to
> completely ignore the machine account? Would there be major problems
> in doing this? So far I don't see any advantage in using a machine
> account. All the user accounts are password protected and the Samba
> server only allows connection from a narrow IP range.
You can't do a domain logon without a machine account. You could set
them up as just standalone workstation however.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba