Linkage dependencies

Simo Sorce simo.sorce at
Wed Dec 6 17:23:47 GMT 2000

On Wed, 6 Dec 2000, Mayers, Philip J wrote:

> rsync won't work for a binary DB though (I suspect) unless Samba closed the
> authdb/accountdb down before doing rsync. That's assuming you're even using
> a file-based backend though - what about SQL? Are we saying that each passdb
> backend must supply it's own replication mechanisms?

A dump/restore method would be usefull anyway for backup purpose but a
general passdb call may do the work, this is also usefull if you want to
migrate from a password backend to another.

> To summarise:
> Your passdb code (which looks good by the way) will probably have to store
> the LM/NT# as well as logon hours, kickoff time, allowed workstations etc.
> The authentication code can then either use external libraries/data
> (kerberos & keytab in the case of GSSAPI, Radius secret key for Radius,
> etc.) for non-LM/NT# based mechanisms.
> The authentication code can use the "pdb_getusername_lmhash/nthash" calls
> for any LM/NT# based mechanisms (presumably *before* doing any username
> mapping). When a user is authenticated, the passdb code then does
> authorization, username mapping, and so on. Does that sound OK?

At this stage, username mapping is part of the authentication process as
an invalid mapping should be reported as an authentication failure, I

> Regards,
> Phil


Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano
E-mail: simo.sorce at 02 2399 2425 - 02 2399 2451
Be happy, use Linux!

More information about the samba-technical mailing list