Hello, Sorry to be a pest, but I need to try to get some clarification of how the machine name works when setting up a machine account on the Samba server. The Samba How-To page http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html#id2536400 talks about the "common error" of including the $ in the machine name on the server machine. However, all of the examples of PDC setup that I've seen show machine accounts in the passwd file that DO have a $ at the end of the machine name. So, $ or no $? The explanation on the How-To page is confusing, when it says "The problem is only in the program used to make the entry....Create a user without the "$". Then use vipw to edit the entry, adding the "$"". This is perplexing. Why would it make any difference whether you put in the $ with vipw or some other editor? And why does the heading of this section say ""$" Cannot Be Included in Machine Name?" I don't quite get what the real technical issue is here. I think some more explanation is needed. Eric
Hi Eric Eric Evans wrote:> Sorry to be a pest, but I need to try to get some clarification of how the > machine name works when setting up a machine account on the Samba > server. The Samba How-To page > http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html#id2536400 > talks about the "common error" of including the $ in the machine name on > the server machine. However, all of the examples of PDC setup that I've > seen show machine accounts in the passwd file that DO have a $ at the end > of the machine name. So, $ or no $? The explanation on the How-To pageDefinately a $. It's not a Samba thing, it's a Windows thing.> confusing, when it says "The problem is only in the program used to make > the entry....Create a user without the "$". Then use vipw to edit the > entry, adding the "$"". This is perplexing. Why would it make any > difference whether you put in the $ with vipw or some other editor? AndThe howto page suggests vipw, because vipw applies all necessary locks to the password file while it is being edited, performs consistency checks and calls an external program to update the user database.> why does the heading of this section say ""$" Cannot Be Included in > Machine > Name?" I don't quite get what the real technical issue is here. I think > some more explanation is needed.Because the heading is in the "Common Errors" section of the howto. So, a common error in this case is "$ Cannot be included in machine name". Perhaps it should be indented to show it is part of the common errors section, but hey... this is HTML don't forget! Steve :)
On Fri, 7 Jul 2006, Eric Evans wrote:> Hello, > > Sorry to be a pest, but I need to try to get some clarification of how the > machine name works when setting up a machine account on the Samba server. > The Samba How-To page > http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html#id2536400 > talks about the "common error" of including the $ in the machine name on the > server machine. However, all of the examples of PDC setup that I've seen > show machine accounts in the passwd file that DO have a $ at the end of the > machine name. So, $ or no $? The explanation on the How-To page is > confusing, when it says "The problem is only in the program used to make the > entry....Create a user without the "$". Then use vipw to edit the entry, > adding the "$"". This is perplexing. Why would it make any difference > whether you put in the $ with vipw or some other editor? And why does the > heading of this section say ""$" Cannot Be Included in Machine Name?" I > don't quite get what the real technical issue is here. I think some more > explanation is needed.The technical issue there was/is actually specific to old(er) versions of FreeBSD/NetBSD/OpenBSD where the standard set of commands would not let you add a user with the "$" character in it, at least per my understanding. You definitely do need the $ appended to the end of the machine name for the machine accounts though, and assuming you run a newer release of *BSDs, Linux, et cetra, you should be OK in that aspect. Also, to clarify on a matter you mentioned earlier regarding machine accounts and "blank" passwords, that should not be an issue, as long as you disable their ability to login to the system via modifying the GECOS field in /etc/passwd so that their shell is something like /bin/false. Someone else had mentioned it, I believe, but another confirmation should help to put your mind more at ease. :-) Well, at least as at ease as a mind can be when running Sun systems . . . :-P> > Eric > >-- -- +-------------------------------------------------+ | Sean Elble | | Virginia Tech | | Computer Engineering, Class of 2008 | | Vice President, VTLUUG | | E-Mail: elbles@sessys.com | +-------------------------------------------------+