HP CIFS Server 3.0k Administrator's Guide version A.02.04

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software

The machine account is the machine's name with a dollar sign character ("$") appended

to it. The home directory can be set to /home/temp. The shell field in the /etc/passwd

file is not used and can be set to /bin/false.

• Use the following command to create the posixAccount entry for a Windows client in

the LDAP directory if LDAP is enabled:

$ /opt/ldapux/bin/ldapmodify –a –D “cn=Directory Manager” –w

dmpasswd –h ldaphostA –f new.ldif $

Where LDIF update statements specified in the new.ldif file are added to the LDAP

directory server, ldaphostA. The following is an example of LDIF update statements

in the new.ldif file:

dn: uid=client1$ ou=People,dc=hp,dc=com

objectclass: top

objectclass: account

objectclass: posixAccount

homeDirectory: /home/temp

loginShell: /bin/false

As an example, the resulting entry in the LDAP directory server for a client machine

named "client1" would be:

objectClass: posixAccount

cn: client1$

uid: client1$

uidNumber: 1000

gidNumber: 200

homeDirectory: /home/temp

loginShell: /bin/false

userPassword: {crypt}x

pwdLastSet: 1076466492

logonTime: 0

logofftime: 2147483647

kickoffTime: 2147483647

pwdCanChange: 0

pwdMustChange: 2147483647

rid: 1206

primaryGroupID: 1041

acctFlags: [W ]

displayName: client1$

2. Run the smbpasswd program on the Samba PDC server to create the Windows account:

• Use the following command to add the Windows account for a Windows client to the

/var/opt/samba/private/smbpasswd file if LDAP is disabled:

$ smbpasswd -a -m client1

An example of the associated machine entry in the /etc/opt/samba/private/smbpasswd file

for a client machine named "client1" would be:

client1$:*801:800:ED816800D0393DAAD3B435B51404EE:321ABEEFE10EC431B9AAFF1A1D0D47:[W

]:LCT-0000000:

• Use the following command to add the sambaSAMAccount entry for a Windows client

to the LDAP directory server if LDAP is enabled:

For ldapsam_compat backend:

$ /opt/samba/bin/smbpasswd -a -m client1

Forldapsam backend:

$ /opt/samba/bin/smbpasswd -a -m client1

An example of the associated machine entry in the LDAP directory server for a client

machine named "client1" would be:

Create the Machine Trust Accounts 67