| Author |
Message |
Mahmoud
Cat Chaser


Joined: 24 Nov 2003 Posts: 896
Location: AE, Shj
|
Posted:
Fri Dec 24, 2004 12:57 pm Post subject: QUESTION: on-fly machine trust accounts creation |
|
hi all
with samba, we need to create machine trust accounts in order to let machines join our domain.
there are two ways as described here:-
one is by doing it manually (leave it for now)
another one is by doing it automatically or on-fly account creation.
the example on samba's official site regarding automated account creation was just for RedHat Linux. but i am using FreeBSD now.
samba.org wrote: Here is an example for a Red Hat Linux system.
[global]
# <...remainder of parameters...>
add machine script = /usr/sbin/useradd -d /dev/null -g 100 \
-s /bin/false -M %u
the question is:-
what about FreeBSD's script? |
_________________
creed
Veteran Dog


Joined: 08 Nov 2003 Age: 97 Posts: 6337
Location: Exiled
|
Posted:
Fri Dec 24, 2004 2:15 pm Post subject: |
|
while i'm not a UNIX expert, have you tried just plugging in this code and seeing what happens? |
_________________
The Seven faces of Creed
soup4you2
Tail-Wagger


Joined: 15 Mar 2002 Posts: 2453
Location: Desolate wastelands of Virginia
|
Posted:
Tue Dec 28, 2004 4:19 pm Post subject: |
|
creed wrote: while i'm not a UNIX expert, have you tried just plugging in this code and seeing what happens?
hmm...
adduser does not like it when you try assigning a user $user; the $ represents a trust account.. typically you need to vipw..
your best option would probably be a small perl script to take in $arg1 (machine trust) and create the account and groups needed.. by echo'ing the values into the master.passwd and re-creating the hash.. |
_________________ tomorrow will be canceled due to lack of interest
Mahmoud
Cat Chaser


Joined: 24 Nov 2003 Posts: 896
Location: AE, Shj
|
Posted:
Fri Dec 31, 2004 2:20 am Post subject: |
|
where to put that script?
i am not sure, but here is what i am guessing:-
i'll create that script and put it somewhere on the server. let's say /usr/local/samba/scripts/machine.perl
and in smb.conf file i type this:-
add machine script = /usr/local/samba/scripts/machine.perl $machine=%m
and it will send the machine netbios name to $machine variable in the perl script. after getting all variables needed to start the process, the perl script does its job.
so it will add an entry in /etc/passwd like this:
pc_netbios_name$:*:1003:1002:User &:/dev/null:/usr/sbin/nologin
and it does not need to add anything to /etc/group because i created that group manually.
the unix part done, but what about adding records to smbpasswd and secrets.tdb?
also as i read, smbpasswd is the old one, and secrets.tdb is the newer one which allows adding bigger number of users than smbpasswd. are these files synchronized? because sometimes i remove samba accounts manually by just editing smbpasswd, but what about secrets.tdb? will it be edited automatically?
any idea of how that script should be?
waiting for answers.. |
_________________
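One way to write the script asked about in this thread, as an added example that is not code from any of the posters or from Samba: a POSIX sh wrapper that validates the account name Samba passes as %u and then creates the Unix account with FreeBSD's pw(8). The script path, the group name "machines", and a pw(8) that accepts a trailing "$" in login names are assumptions.

```sh
#!/bin/sh
# Added example (not from the thread): FreeBSD wrapper for "add machine script".
# Assumed names: this script's path and the pre-created group "machines".
#   smb.conf:  add machine script = /usr/local/samba/scripts/addmachine.sh %u
# smbd runs this as root with a name taken from the join request, so the
# name is validated before it reaches pw(8).
LC_ALL=C; export LC_ALL          # keep A-Z / a-z ranges ASCII-only
MACHINE_GROUP="machines"         # assumed; must already exist

# Succeed only for names such as "pc01$": 1-15 characters from
# [A-Za-z0-9_-], not starting with "-", then exactly one trailing "$".
valid_machine_name() {
    case "$1" in
        *'$') ;;
        *) return 1 ;;
    esac
    host=${1%?}                  # drop the trailing "$"
    [ -n "$host" ] || return 1
    [ "${#host}" -le 15 ] || return 1    # NetBIOS name length limit
    case "$host" in
        -*) return 1 ;;                  # reject names that look like options
        *[!A-Za-z0-9_-]*) return 1 ;;    # ":", "/", spaces, newlines, "$", ...
    esac
    return 0
}

main() {
    if ! valid_machine_name "${1:-}"; then
        logger -p auth.warning -t addmachine "rejected machine account name"
        return 1
    fi
    # pw(8) edits master.passwd and rebuilds the password databases itself.
    pw useradd -n "$1" -g "$MACHINE_GROUP" -d /dev/null \
        -s /usr/sbin/nologin -c "Samba machine trust account"
}

if [ "$#" -gt 0 ]; then main "$@"; fi
```

The script creates only the Unix account; it does not write to smbpasswd.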