[samba-tng] status: nt5ldap and samtdb

Luke Howard lukeh at PADL.COM
Wed Feb 2 12:49:55 GMT 2000

>hi luke, did you get groups and aliases working as well?

It seems to go spinning when I do that. I'm kind of silently assuming
that it's the passdb samrd backend, more investigation needed, but
more likely to be spent doing samrd...

>again, send us some examples, plus the RID and name of the user, it's
>likely to be a key based on those.  tell us what the plaintext password
>is, too.

Sure, I need to figure out how to get access to those attributes in NT5,
they're usually hidden from the user. Must be possible to change though.

>i hate domain_namemap.c and the passdb/ API.  it's an awful mess.

I agree. It's a case of, well, I probably wouldn't have understood the
code as well if I hadn't done the nt5ldap passdb backend, but now that
I have, I'm kind of too brain-dead to start doing the samrd backend
(although, as I mentioned in private mail, I've started).

>if you want code to cut-and-paste, i've pretty much got the "user" side
>working in samrtdbd.

Cool, I've based it on samrtdbd. Hopefully I can separate some of the
useful code out of the nt5ldap passdb code and use that there as well;
the code for resolving group members &c.

>there is a distinct advantage to you writing a samrldapd, luke.  people
>can compile samrd with --with-ldap, and compile samrldapd as well, and you
>can start samrd, slurp the SAM database (text format?  rpcclient
>samsync?), stop samrd, start samrldapd and shove it with the SAM database,
>and you're converted from our old-style LDP to new-style nt5-LDAP.

Yes, very cool. But you could probably do that with two passdb backends,
just have to recompile in between... I agree with your sentiments about
passdb, but ... 


-- Luke
Luke Howard
PADL Software Pty Ltd

More information about the samba-technical mailing list