diff -Nur -x '*.orig' -x '*.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account
--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account	2005-04-19 16:19:17.000000000 +0200
+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account	2008-04-16 15:01:04.000000000 +0200
@@ -26,11 +26,17 @@
 use esmith::ConfigDB;
 use esmith::AccountsDB;
 use esmith::util;
+use esmith::ldap;
+
 
 my $a = esmith::AccountsDB->open || die "Couldn't open accounts db\n";
+my $conf = esmith::ConfigDB->open_ro || die "Couldn't open configuration db\n";
 
 my $event = $ARGV [0];
 my $machineName = $ARGV [1];
+my $domain = $conf->get('DomainName')
+    || die("Couldn't determine domain name");
+ $domain = $domain->value;
 
 die "machine name $machineName is not a valid machine account name"
 	unless ( $machineName =~ /\$$/ );
@@ -55,10 +61,14 @@
 
 warn "create-machine-account $machineName: Creating Unix user and group\n";
 
+my $base = esmith::util::ldapBase ($domain);
+
 system(
-	"/usr/sbin/useradd",
+	"/usr/sbin/cpu", "useradd",
+	"-o",
+	"--userbase=ou=Computers,$base",
+	"-g nobody",
 	"-c", "Hostname account for $machineName",
-	"-M",
 	"-d", "/noexistingpath",
 	"-s", "/bin/false",
 	"$machineName"
@@ -66,7 +76,7 @@
 
 warn "create-machine-account $machineName: Locking account\n";
 
-system("/usr/bin/passwd", "-l", "$machineName") == 0
+system("/usr/sbin/cpu", "usermod", "-o", "-L", "$machineName") == 0
     or warn("Could not lock password for $machineName\n");
 
 # warn "create-machine-account $machineName: Creating smbpasswd account\n";
diff -Nur -x '*.orig' -x '*.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript
--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript	2008-04-16 15:01:07.000000000 +0200
+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript	2008-04-16 14:58:47.000000000 +0200
@@ -4,3 +4,5 @@
 ldap user suffix = ou=Users
 ldap machine suffix = ou=Computers
 ldap delete dn = yes
+ldap passwd sync = yes
+
diff -Nur -x '*.orig' -x '*.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync
--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync	2007-12-15 16:53:08.000000000 +0100
+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync	2008-04-16 14:57:57.000000000 +0200
@@ -6,9 +6,9 @@
 #        the encrypted SMB passwords. They allow the Unix password
 #        to be kept in sync with the SMB password.
 }
-unix password sync = Yes
-pam password change = Yes
+unix password sync = no
+pam password change = no
 
-passwd program = /usr/bin/passwd %u 
+passwd program = /usr/sbin/cpu usermod -p %u 
 passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
 check password script = /sbin/e-smith/samba_check_password