[samba-tng] status: nt5ldap and samtdb
Luke Kenneth Casson Leighton
lkcl at samba.org
Mon Jan 31 07:45:02 GMT 2000
decided lst week to abandon the old (1 year old) passwd db api.
luke howard is implementing an nt5ldap password database. i'm
implementing a samtdb. the idea is to encourage luke to work with the
SAM-defined api, but he's waiting for me to get into samtdb, first.
i have the following functions up-and-running:
_samr_create_user is hard-coded, i need to do a RID-cycling function.
actually, tim, i need that libsurs really badly! we also have a
chicken-and-egg problem. a lookup to create an NT user requires a unix
user, first, but no lookup in the surs table is going to help resolve
users that don't exist in the NT user database if you haven't added them
i am somewhat at a loss on this one. i wouldn't mind if it wasn't for
having to deal with both mathematical _and_ database-based surs table
if you think it through, there's an atomic-operation problem (i.e any
possible algorithms aren't atomic in updating both the surs and the SAM
database). oops. not going to think about it now.
ok, i thought about it. i think the solution is to have the surs table
have an extra parameter: BOOL create
i.e if the SID doesn't exist, then create one in the table.
mathematical surs tables, that's trivial: all SIDs (in their limited space
because the uid/gid space is only 32 bit) already exist, therefore
creation is trivial.
table-based ones, that means that the table must create the unique SID. i
suggest that the first few components of the SID be used as the base, and
the newly-created RID be concatenated on the input SID parameter.
either that, or just create a new function surscreatesidfromposix().
More information about the samba-technical