smbpasswd -m -a gerard will create a machine account called gerard$
the $ means this is a machine
smbpasswd -a gerard will create a user gerard in your smbpasswd file
for using this passwd feature a system user has to be created before
i.e. useradd -a gerard
you can do this by using new smb.conf parameters, check man smb.conf
here you have an example for a smb.conf for suse samba 3 as pdc
#
# Generated by
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
#
[global]
browseable = no
largereadwrite = yes
passwdprogram = /usr/bin/passwd %u
logonscript = login.bat
logonhome = \\%L\%u
bindinterfacesonly = Yes
netbiosname = musi
nameresolveorder = wins bcast hosts
addsharecommand
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
ntaclsupport = yes
deletesharecommand
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
usernamemap = /etc/samba/smbusers
idmapuid = 15000-20000
winshook = /usr/share/doc/packages/samba3/examples/wins_hook/dns_update
addmachinescript = /usr/sbin/useradd -g Machines -c Machine -d /dev/null -s
/bin/false %u
hostmsdfs = Yes
printcapname = cups
deleteuserscript = /usr/sbin/userdel -r %u
domainlogons = yes
shutdownscript = /sbin/shutdown
logfile = /var/log/samba/%m
socketoptions = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF
winsproxy = Yes
logondrive = Z:
addusertogroupscript = /usr/bin/gpasswd -a %u %g
workgroup = MUSI
pampasswordchange = Yes
idmapgid = 15000-20000
domainmaster = yes
adminusers = root, Administrator
timeserver = yes
ldapssl = no
displaycharset = ISO8859-1
addgroupscript = /usr/sbin/groupadd -r %g
abortshutdownscript = /sbin/shutdown -c
deleteuserfromgroupscript = /usr/bin/gpasswd -d %u %g
vetofiles
/*.eml/*.nws/riched20.dll/*.{*}/.AppleDouble/.bin/.AppleDesktop/Network
Trash Folder/.*/
delete veto files = yes
loglevel = 2
adduserscript = /usr/sbin/useradd -m %u
hidedotfiles = yes
setprimarygroupscript = /usr/sbin/usermod -g '%g' '%u'
usesendfile = Yes
unixcharset = ISO8859-1
interfaces = lo, eth1, eth2
hidefiles = /.*/DesktopFolderDB/TrashFor%m/resource.frk/
hostsallow = 127., 10.10.10.
keepalive = 255
passdbbackend = smbpasswd:/etc/samba/smbpasswd, guest
deletegroupscript = /usr/sbin/groupdel %g
loadprinters = No
serverschannel = Yes
localmaster = yes
unixpasswordsync = Yes
winssupport = Yes
logonpath = \\%L\%U\profile
passwdchat = *password* %n\n *password* %n\n *changed*
changesharecommand
/usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl
doscharset = CP850
syslog = 0
utmp = Yes
oslevel = 255
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [files]
[files]
readonly = No
cscpolicy = disable
comment = public files
browseable = yes
writeable = yes
path = /files/pub
guestok = yes
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [homes]
[homes]
readonly = No
comment = Home Directories
browseable = No
cscpolicy = disable
guest ok = No
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [netlogon]
[netlogon]
sharemodes = No
rootpreexec = /var/lib/samba/netlogon/login.pl %U %G %m %L
comment = Netlogon Share
browseable = No
path = /var/lib/samba/netlogon
guestok = Yes
writelist = @ntadmin
locking = no
public = no
cscpolicy = disable
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [smbmonitor]
[smbmonitor]
readonly = No
cscpolicy = disable
comment = security smb logs
browseable = no
writeable = yes
path = /smbmonitor
guestok = yes
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
## Section - [wincd]
[wincd]
readonly = No
cscpolicy = disable
comment = security smb logs
browseable = no
path = /wincd/win2k/mnt
writelist = @ntadmin
guestok = yes
vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree
recycle:versions
##########################################################
#use this if you want profiles in a seperate share
#[profiles]
# comment = Roaming Profile Share
# path = /files/profiles
# read only = No
# browseable = No
#
# end of generated smb.conf
#
Best Regards
----- Original Message -----
From: "lovswr1" <lovswr1@earthlink.net>
To: "samba" <samba@lists.samba.org>
Sent: Sunday, November 16, 2003 7:14 PM
Subject: [Samba] Can not add users to samba 3.0
> Hello, I can not seem to get smbpsswd to add any users to samba. No
> matter if I use the CLI, the Webmin module or SWAT I always get this
> response when trying to add any user
>
> [root@matrix1 samba]# smbpasswd -m -a gerard
> Failed initialise SAM_ACCOUNT for user gerard$.
> Failed to modify password entry for user gerard$
>
>
> I take it this has somehting to do with PAM & or shadow passwords,
& I
> have been lookig for a about a week & the best that I can find anything
> related to this 'SAM_ACCOUNT' that resembles my problem, is that I
need
> to make sure that ./configure (I have no idea which ./confiugure it is
> although I suspect that it is the one from a manual build of samba.
> Since mine was installed along wtih a bunch of other stuff when I
> upgraded from RH9 to fedore core 1, I have no idea where it might be)
> has PAM & or shadow options enabled. Any help in this matter would be
> greatly appreciated.
>
>
> # Global parameters
> [global]
> encrypt passwords = yes
> unix password sync = yes
> security = SHARE
> preferred master = Yes
> log file = /var/log/samba/%m.log
> passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
> server string = Samba Server
> pam password change = Yes
> passwd program = /usr/bin/passwd %u
> socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
> dns proxy = No
> workgroup = MATRIX
> ldap ssl = no
> valid users = gerard, lovswr, marlene, vswr
> max log size = 0
> printing = cups
> hosts allow = pc2, freebsd, matrix1
> guest account >
> [homes]
> comment = Home Directories
> path = /home/public
> read only = No
> create mask = 0664
> directory mask = 0775
> guest ok = Yes
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> printable = Yes
> browseable = No
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
>