[samba-tng] status: nt5ldap and samtdb

Luke Kenneth Casson Leighton lkcl at samba.org
Mon Jan 31 07:45:02 GMT 2000

decided lst week to abandon the old (1 year old) passwd db api.

luke howard is implementing an nt5ldap password database.  i'm
implementing a samtdb.  the idea is to encourage luke to work with the
SAM-defined api, but he's waiting for me to get into samtdb, first.

i have the following functions up-and-running:

sam functions:


domain functions:


user functions:


_samr_create_user is hard-coded, i need to do a RID-cycling function.
actually, tim, i need that libsurs really badly!  we also have a
chicken-and-egg problem.  a lookup to create an NT user requires a unix
user, first, but no lookup in the surs table is going to help resolve
users that don't exist in the NT user database if you haven't added them
yet!  agh!

i am somewhat at a loss on this one.  i wouldn't mind if it wasn't for
having to deal with both mathematical _and_ database-based surs table

if you think it through, there's an atomic-operation problem (i.e any
possible algorithms aren't atomic in updating both the surs and the SAM
database).  oops.  not going to think about it now.

ok, i thought about it.  i think the solution is to have the surs table
have an extra parameter:  BOOL create

i.e if the SID doesn't exist, then create one in the table.

mathematical surs tables, that's trivial: all SIDs (in their limited space
because the uid/gid space is only 32 bit) already exist, therefore
creation is trivial.

table-based ones, that means that the table must create the unique SID.  i
suggest that the first few components of the SID be used as the base, and
the newly-created RID be concatenated on the input SID parameter.

either that, or just create a new function surscreatesidfromposix().


More information about the samba-technical mailing list