Samba: Allow Domain Controllers Create Machine Trust Accounts On-the-Fly

How do I allow domain controllers to create machine trust accounts on-the-fly under RHEL CentOS Linux version 5.x?

You can configure samba such way to create machine trust accounts on-the-fly. You need need to add or modify an add machine script entry to the [global] section of /etc/samba/smb.conf to allow samba to dynamically create Machine Trust Accounts. Edit /etc/samba/smb.conf, enter:
# vi /etc/samba/smb.conf
Find Out [global] section and update it as follows:

ADVERTISEMENTS

    [global]
      add machine script = /usr/sbin/useradd -n -g machines -d /dev/null -s /sbin/nologin %u

Save and close the file. Type the following command to create machines group:
# groupadd machines
Restart samba service:
# service smb restart
On a Samba PDC, two accounts must be created. The first is the local machine account, and the second is the Samba account. For security purposes, it is recommended to let Samba create these accounts on-the-fly.

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.