Is this *really* needed if the machine accounts are stored in LDAP? For writing /etc/passwd you need to be root, but for writing LDAP you usually don't need to be root... You only need to have execute permissions for the machine-add script...
As Andrew said, you have to be domain admin (that means ...-500 as SID), but root??
Well, I just tried, but it does not work :( So it needs root.
Antoine
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
