samba - Aug 2004 - XP Problems adding machines "on the fly"

Having trouble with the add machine script.  Followed the chapter 6 
how-to, but, it fails.  Checking log file for the machine after 
error-RPC call failed on XP box, I find a 101MB log file filled with 
-error must provide name- something to that effect.  Any help would be 
appreciated. smb.conf follows.

[global]

   workgroup = FSK
   netbios name = Camarillo
   server string = Camarillo
   hosts allow = 
passdb backend = tdbsam
#  guest account = pcguest

   log file = /usr/log/samba/%m.log

   max log size = 50

   security = user
   encrypt passwords = yes

   write raw = yes
   strict allocate = No

   getwd cache = yes
   write cache size = 262144

   interfaces = 
   local master = yes
   enhanced browsing = yes
   os level = 33
   preferred master = yes
   domain master = yes

   preferred master = yes

   domain logons = yes
   obey pam restrictions = yes
   add machine script = /usr/sbin/adduser -d /dev/null -g 100 \
    -s /bin/false -M %u
   idmap uid = 10000-20000
   idmap gid = 10000-20000
  logon path = \\camarillo\Profiles\%U

   wins support = yes
   lm announce = auto
   lm interval = 5
   dns proxy = yes

Hi all,

I'm trying to do the same thing "create machine accounts on the
fly" and i
cant get it to work.  I have  the same configuration as TOM but the message
that I am getting in the samba log file is

[2004/09/01 00:19:38, 0] rpc_server/srv_netlog_nt.c:get_md4pw(244)
  get_md4pw: Workstation BAGHDAD$: no account in domain

What could we be doing wrong?
----- Original Message ----- 
From: "Tom Skeren" <tms3@fskklaw.com>
To: <samba@lists.samba.org>
Sent: Tuesday, August 31, 2004 2:56 PM
Subject: [Samba] XP Problems adding machines "on the fly"

> Having trouble with the add machine script.  Followed the chapter 6
> how-to, but, it fails.  Checking log file for the machine after
> error-RPC call failed on XP box, I find a 101MB log file filled with
> -error must provide name- something to that effect.  Any help would be
> appreciated. smb.conf follows.
>
> [global]
>
>    workgroup = FSK
>    netbios name = Camarillo
>    server string = Camarillo
>    hosts allow > passdb backend = tdbsam
> #  guest account = pcguest
>
>    log file = /usr/log/samba/%m.log
>
>    max log size = 50
>
>    security = user
>    encrypt passwords = yes
>
>    write raw = yes
>    strict allocate = No
>
>    getwd cache = yes
>    write cache size = 262144
>
>    interfaces >    local master = yes
>    enhanced browsing = yes
>    os level = 33
>    preferred master = yes
>    domain master = yes
>
>    preferred master = yes
>
>    domain logons = yes
>    obey pam restrictions = yes
>    add machine script = /usr/sbin/adduser -d /dev/null -g 100 \
>     -s /bin/false -M %u
>    idmap uid = 10000-20000
>    idmap gid = 10000-20000
>   logon path = \\camarillo\Profiles\%U
>
>    wins support = yes
>    lm announce = auto
>    lm interval = 5
>    dns proxy = yes
>
>
>
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

> maybe you should look for another stupid american who ruined
"Baghdad$"
 > account :))

Ha! ;-)
There is only one but unfortunately he happens to be the one *in 
charge*.  Funny how non-Americans think that Americans somehow have more 
control of their government than they have over their own.  The truth is 
we don't have any more control over ours than anybody else does.  Less 
even because we have so many more corporate Thrones we must bow to and 
because our government has some of the best spin doctors money can buy.

Having said that, I now must say something to make this a non off-topic 
and hopefully worth while post, hehehe. ;-)
>   hosts allow = passdb backend = tdbsam
The above line is in error. Should read:

#hosts allow passdb backend = tdbsam

My understanding is that the account created must belong to both worlds 
and therefore must have an entry in both passwd and smbpasswd files. 
That means probably using "smbpasswd -m" somewhere in your "add
machine
script".  If I'm right about this then something like this example:

passdb backend = tdbsam smbpasswd

   add machine script = /usr/sbin/adduser -d /dev/null -g 100 \
    -s /bin/false -M %u;/usr/sbin/smbpasswd -m %u

The path for smbpasswd might not be correct. It is just a guess.

The issue, as I understand it, is that machine accounts require 
information that cannot be stored in the passwd file, therefore you need 
an additional backend.  Of course, in this case only machine accounts 
will be stored there.

Jim C.
-- 
-----------------------------------------------------------------
| I can be reached on the following Instant Messenger services: |
|---------------------------------------------------------------|
| MSN: j_c_llings@hotmail.com  AIM: WyteLi0n  ICQ: 123291844 	|
|---------------------------------------------------------------|
| Y!: j_c_llings               Jabber: jcllings@njs.netlab.cz	|
-----------------------------------------------------------------

Whoa! How did the topic get changed?  I did not do that.

Jim C.