HP CIFS Server 3.0b Administrator's Guide version A.02.01.01
NT Style Domains
Create the Machine Trust Accounts
Chapter 488
Create the Machine Trust Accounts
A Machine Trust Account for a Windows Client (Client=member server)
on a HP CIFS Server acting as a PDC is simply a user account entry
created for a machine. It is denoted by the machine name followed by
"$".
For PDCs not using LDAP (default), machine accounts will have entries
in both /etc/passwd (unix user accounts) and
/var/opt/samba/private/smbpasswd (Windows user accounts).
For PDCs using LDAP, machine accounts will have posixAccount and
sambaSamAccount object class entries in a directory server database.
The following steps are used to create a machine account for a Windows
Client on a HP CIFS Server acting as a Primary Domain Controller
(PDC):
1. Create the UNIX or POSIX account for a Windows Client:
• Use the following command to create the POSIX account for a
Windows client in the /etc/passwd file if LDAP is disabled:
$ useradd -c NT_workstation -d /home/temp -s \
/bin/false client1$
As an example, the resulting entry in the /etc/passwd file for a
client machine named “client1” would be:
client1$:*:801:800:NT_Workstation: \
/home/temp:/bin/false
where 801 is a uid and 800 is the group id of a group called
“machines.” A uid or group id can be any unique number. You
may find that uid values 0 through 100 are considered special,
and/or server specific. This may, or may not apply to your system.
The machine account is the machine’s name with a dollar sign
character (“$”) appended to it. The home directory can be set to
/home/temp. The shell field in the /etc/passwd file is not used
and can be set to /bin/false.
• Use the following command to create the posixAccount entry for
a Windows client in the LDAP directory if LDAP is enabled: