samba - Nov 2004 - Useradd doesn't accept dollar sign ($) and "add machine script" doesn't work

Hi,

I have set up a Fedora Core 3 machine with Samba 3.0.9 to act as a PDC file and
print server.  Everything works fine but I am having problems adding new machine
accounts.  When I try to add them manually using "/usr/sbin/useradd -g
machines -d /dev/null -c "Spruce" -s /bin/false SPRUCE$", I get
the error message: "invalid user name 'SPRUCE$'".  I can add
the user without the dollar sign, then go in and edit /etc/passwd and
/etc/shadow and add the dollar sign, but this process is kind of tedious.  I
have tried the "add machine script = /usr/sbin/useradd -d /dev/null -g
machines -s /bin/false -M %u" line in smb.conf, but that doesn't work. 
I get an error message when I try to join the domain (I forget what the error
is, sorry).  I think the problem is due to useradd not accepting dollar signs at
the end of machine names.  Can anybody think of a way around this?  Is there a
way I can use a different version of useradd that will accept dollar signs?

The reason why I would like it automated is because I will be leaving the
company to go back to school shortly, and I want to make adding computers and
users as simple as possible.

Thanks in advance.

Here's my smb.conf file:

[global]
 netbios name = KAITLYN
 workgroup = THERMATEK
 passdb backend = tdbsam
 passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n
*Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd:
*all*authentication*tokens*updated*successfully*
 unix password sync = Yes 
 os level = 64
 log level = 2
 log file = /var/log/samba/log.%m
 max log size = 50
 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
 preferred master = yes
 domain master = yes
 local master = yes
 security = user
 encrypt passwords = yes
 domain logons = yes
 add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false
-M %u
# add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false
%u ;this didn't work either
 hosts allow = 127.0.0.1, 192.168.1.

 ;user profiles and home directory
 logon home = 
 logon drive = H:
 logon path = 
 logon script = %G.bat


[profiles]
   path = /home/samba/profiles
   writeable = yes
   browseable = no
   create mask = 0600
   directory mask = 0700

[netlogon]
   comment = Network Logon Service
   path = /home/netlogon
   read only = no
   browseable = no
   write list = @admin

[homes]
 valid users = %S
 read only = No
 browseable = No

[Home]
 comment = Home Directory
 path = /home/%U/Home
 valid users = %U
 read only = No
 browseable = No

[printers]
 comment = All Printers
 path = /var/spool/samba
 printable = Yes
 browseable = No

[PROJECTS]
 path = /home/shares/Projects
 valid users = @employees, @management
# write list = @employees, @management
 read only = No
 inherit permissions = Yes
 case sensitive = No
 msdfs proxy = no

[THERMATEK]
 path = /home/shares/Thermatek
 valid users = @employees, @management
# write list = @employees, @management
 read only = No
 inherit permissions = Yes

[MANAGEMENT]
 path = /home/shares/Management
 valid users = @management
# write list = @management
 read only = No
 inherit permissions = Yes

[TEMP]
 comment = Temp directory (Will be deleted periodically!)
 path = /home/shares/Temp
 valid users = @users
# write list = @employees, @management
 read only = No
 inherit permissions = Yes

[ml-2150-3]
 comment = Samsung ML-2150 on Linux Server
 path = /var/spool/samba
 read only = No
 guest ok = Yes
 printable = Yes
 printer name = ml-2150-3
 use client driver = Yes

#[netlogon]
#path = /var/lib/samba/netlogon
#read only = yes
#write list = ntadmin

#[profiles]
#path = /var/lib/samba/profiles
#read only = no
#create mask = 0600
directory mask = 0700

>I have set up a Fedora Core 3 machine with Samba 3.0.9 to act as a PDC file
and print server.  Everything
>
<snip>
>"invalid user name 'SPRUCE$'".  I can add the user without
the dollar sign, then go in and edit
>
There was a thread about this started mid last week under the title 
"Fedora Core 3 and Samba".  It appears to be a shift that RedHat has 
made, and is going back and changing now.  Take a look at that thread 
please.

Search is your friend.

-- 
--
Paul Gienger                    Office: 701-281-1884
Applied Engineering Inc.
Systems Architect               Fax:    701-281-1322
URL: www.ae-solutions.com       mailto: pgienger@ae-solutions.com

Hi.

Try --force-badname option in useradd


Jarod Legault wrote:
>Hi,
>
>I have set up a Fedora Core 3 machine with Samba 3.0.9 to act as a PDC file
and print server.  Everything works fine but I am having problems adding new
machine accounts.  When I try to add them manually using "/usr/sbin/useradd
-g machines -d /dev/null -c "Spruce" -s /bin/false SPRUCE$", I
get the error message: "invalid user name 'SPRUCE$'".  I can
add the user without the dollar sign, then go in and edit /etc/passwd and
/etc/shadow and add the dollar sign, but this process is kind of tedious.  I
have tried the "add machine script = /usr/sbin/useradd -d /dev/null -g
machines -s /bin/false -M %u" line in smb.conf, but that doesn't work. 
I get an error message when I try to join the domain (I forget what the error
is, sorry).  I think the problem is due to useradd not accepting dollar signs at
the end of machine names.  Can anybody think of a way around this?  Is there a
way I can use a different version of useradd that will accept dollar signs?
>
>The reason why I would like it automated is because I will be leaving the
company to go back to school shortly, and I want to make adding computers and
users as simple as possible.
>
>Thanks in advance.
>
>Here's my smb.conf file:
>
>[global]
> netbios name = KAITLYN
> workgroup = THERMATEK
> passdb backend = tdbsam
> passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n
*Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd:
*all*authentication*tokens*updated*successfully*
> unix password sync = Yes 
> os level = 64
> log level = 2
> log file = /var/log/samba/log.%m
> max log size = 50
> socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
> preferred master = yes
> domain master = yes
> local master = yes
> security = user
> encrypt passwords = yes
> domain logons = yes
> add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false -M %u
># add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false %u ;this didn't work either
> hosts allow = 127.0.0.1, 192.168.1.
>
> ;user profiles and home directory
> logon home = 
> logon drive = H:
> logon path = 
> logon script = %G.bat
>
>
>[profiles]
>   path = /home/samba/profiles
>   writeable = yes
>   browseable = no
>   create mask = 0600
>   directory mask = 0700
>
>[netlogon]
>   comment = Network Logon Service
>   path = /home/netlogon
>   read only = no
>   browseable = no
>   write list = @admin
>
>[homes]
> valid users = %S
> read only = No
> browseable = No
>
>[Home]
> comment = Home Directory
> path = /home/%U/Home
> valid users = %U
> read only = No
> browseable = No
>
>[printers]
> comment = All Printers
> path = /var/spool/samba
> printable = Yes
> browseable = No
>
>[PROJECTS]
> path = /home/shares/Projects
> valid users = @employees, @management
># write list = @employees, @management
> read only = No
> inherit permissions = Yes
> case sensitive = No
> msdfs proxy = no
>
>[THERMATEK]
> path = /home/shares/Thermatek
> valid users = @employees, @management
># write list = @employees, @management
> read only = No
> inherit permissions = Yes
>
>[MANAGEMENT]
> path = /home/shares/Management
> valid users = @management
># write list = @management
> read only = No
> inherit permissions = Yes
>
>[TEMP]
> comment = Temp directory (Will be deleted periodically!)
> path = /home/shares/Temp
> valid users = @users
># write list = @employees, @management
> read only = No
> inherit permissions = Yes
>
>[ml-2150-3]
> comment = Samsung ML-2150 on Linux Server
> path = /var/spool/samba
> read only = No
> guest ok = Yes
> printable = Yes
> printer name = ml-2150-3
> use client driver = Yes
>
>#[netlogon]
>#path = /var/lib/samba/netlogon
>#read only = yes
>#write list = ntadmin
>
>#[profiles]
>#path = /var/lib/samba/profiles
>#read only = no
>#create mask = 0600
>directory mask = 0700
>  
>