How do I allow domain controllers to create machine trust accounts on-the-fly under RHEL CentOS Linux version 5.x?
You can configure samba such way to create machine trust accounts on-the-fly. You need need to add or modify an add machine script entry to the [global] section of /etc/samba/smb.conf to allow samba to dynamically create Machine Trust Accounts. Edit /etc/samba/smb.conf, enter:
# vi /etc/samba/smb.conf
Find Out [global] section and update it as follows:
[global]
add machine script = /usr/sbin/useradd -n -g machines -d /dev/null -s /sbin/nologin %u
Save and close the file. Type the following command to create machines group:
# groupadd machines
Restart samba service:
# service smb restart
On a Samba PDC, two accounts must be created. The first is the local machine account, and the second is the Samba account. For security purposes, it is recommended to let Samba create these accounts on-the-fly.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -
