On 10/30/09 15:33, M. Rodrigo Monteiro wrote:
Hi all!
I wanna know how to create the LDIF to import in OpenLDAP to create a
machine account.
Anyone can help?
Regards,
Rodrigo.
In my environment, people and machines have preexisting "unix" accounts
in ldap, since we also have linux network clients. Samba does not
automatically create the unix accounts.
You only need a basic "unix person" account. It can be in the same OU
as actual people or in a sub-ou- but typically (at least with my
setup) it needs to be where the underlying unix OS will find it (getent
passwd.) When an XP machine joins a domain (or if you create the samba
account with (smbpasswd -m -a MACHINE) the samba attributes get added.
E.g- basic "unix" account
dn: uid=MACHINE$,ou=machines,ou=people,o=mydomain.com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: posixAccount
cn: MACHINE$
displayName: MACHINE$
gecos: MACHINE$
gidNumber: 515
uid: MACHINE$
uidNumber: 567
userPassword:: *LK*
Following automatically gets added when the machine joins domain:
objectClass: shadowAccount
objectClass: sambaSamAccount
sambaAcctFlags: [W ]
sambaNTPassword: AD40F************************
sambaPrimaryGroupSID: S-1-**********************
sambaPwdLastSet: 1254523222
sambaSID: S-1--**********************
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
