password API needed

Luke Kenneth Casson Leighton lkcl at
Tue May 12 19:39:41 GMT 1998

On Tue, 12 May 1998, Jeremy Allison wrote:

> Gerald Carter wrote:
> > 
> > 
> > Rather than a fallback to the global configuration file, how about
> > setting default values for newly created accounts.  Once these accounts
> > are created, the information, if not specified, is filled in.
> > Therefore, there will never been an empty field in the acocunt record.
> > Since the space would technically already be allocated in the struct (
> > with the exception of pointers such as char*...but then just assign "" )
> > as well as in the database record in the case of some relational
> > password database.
> > 
> > Someone please correct me if I am wrong, but isn't this how NT does it.
> > I am referring to account information, not policy settings such as
> > account lockout for failed login attempt, etc...
> > 
> Yes, that's a much better idea than putting everything in smb.conf.
> In case anyone hadn't noticed, smb.conf suffers from a serious case
> of parameter bloat :-).
> BTW: I'm working on removing the lp_domain_xx() stuff. But I'll


> need a buy off from everyone on this list before I break existing
> smb.conf files by removing the code. We still get people complaining
> that 'domain controller' changed from string to bool, and that was
> never used !

it's one way to tell people that the parameter's not used :-)

> > I'm still going to stand my ground and say don't put user information in
> > smb.conf.  Another configuration file with the default information would
> > be OK, but I think the more effecient route would be to put the default
> > information in when the account is created.
> > 
> Indeed - Luke, are you convinced yet. *No more NT account
> parameters in smb.conf* (even as defaults :-).

it's about 30/70 in favour of not putting nt sam stuff in smb.conf: i'm
not yet convinced about creating them from smb.conf on-demand to stop
heavy reloading of smb.conf files.

but i suppose that could be done from an admin tool, anyway, with no
involvement from smb.conf at all....

so, ok: i'm convinced.

can we take out lp_logon_script() and lp_profile_path() etc using the same
justification logic?


More information about the samba-ntdom mailing list