How do I allow domain controllers to create machine trust accounts on-the-fly under RHEL CentOS Linux version 5.x?

You can configure samba such way to create machine trust accounts on-the-fly. You need need to add or modify an add machine script entry to the [global] section of /etc/samba/smb.conf to allow samba to dynamically create Machine Trust Accounts. Edit /etc/samba/smb.conf, enter:
# vi /etc/samba/smb.conf
Find Out [global] section and update it as follows:

Advertisement

    [global]
      add machine script = /usr/sbin/useradd -n -g machines -d /dev/null -s /sbin/nologin %u

Save and close the file. Type the following command to create machines group:
# groupadd machines
Restart samba service:
# service smb restart
On a Samba PDC, two accounts must be created. The first is the local machine account, and the second is the Samba account. For security purposes, it is recommended to let Samba create these accounts on-the-fly.

🥺 Was this helpful? Please add a comment to show your appreciation or feedback.

nixCrat Tux Pixel Penguin
Hi! 🤠
I'm Vivek Gite, and I write about Linux, macOS, Unix, IT, programming, infosec, and open source. Subscribe to my RSS feed or email newsletter for updates.

0 comments… add one

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Your comment will appear only after approval by the site admin.