pdb_xml

Simo Sorce simo.sorce at xsec.it
Sun Apr 14 01:02:12 GMT 2002 

On Sun, 2002-04-14 at 09:43, Anand Kumria wrote:
> On Sat, Apr 13, 2002 at 05:02:10PM +0200, Jelmer Vernooij wrote:
> > Hi!
> > 
> > Here's my proposal for the file format for the pdb_xml database
> > backend. I haven't included the unknown* stuff yet, should that be
> > included?
> > 
> > Comments, please!
> 
> I'd say try and avoid attributes if you can. I'd also move the
> domain thing to the top element because I wouldn't imaging you
> would have users from different domains in the file.
> 
> I'm not sure how groups might work though. 
> 

you may have multihomed servers maybe in future we may support also
multidomain servers.

> <samba domain="BLAH">
>     <user rid="5424232" uid="423">
> 	<username>
> 		<nt>JelmerVernooij</nt>
> 		<unix>jelmer</unix>
> 		<vms>j32</vms>
> 		<full>Jelmer Vernooij</full>
> 	</username>
ok

> 	<password>
> 		<crypt type="md5">{encrypted}</crypt>
> 		<crypt type="des">{encrypted}</crypt>
> 		<crypt type="lanman32">{encrypted}</crypt>
> 		<crypt type="xor">{encrypted}</crypt>
> 		<last_change>01-02-2002</last_change>
> 		<can_change>02-03-2002</can_change>
> 		<must_change>03-04-2002</must_change>
> 	</password>

why crypt type? We can use only lanman and nt type, not crypt, nor md5
nor anyone else.

> 	<account>
> 		<group rid="#" gid="#">Administrators</group>
> 		<group rid="#" gid="#">Power Users</group>

no setting group names into user account is not smart, what you do if a
group is renamed? the SID should be stored

> 		<workstation access="deny">CHARIS</workstation>
> 		<workstation access="grant">GANIEDA</workstation>
> 		<logon>04-05-2002</logon>
> 		<logoff>05-06-2002</logoff>
> 		<kickoff>06-07-2002</kickoff>
> 		<desc>[fdfds]</desc>
> 	</account>
>         <profile>\\hephaistos\profiles\jelmer</profile>
>         <script>logon.bat</script>
>     </user>
>     <user rid="...>
>     .....
>     </user>
> </samba>

regards,
Simo.

-- 
Simo Sorce - simo.sorce at xsec.it
Xsec s.r.l.
via Durando 10 Ed. G - 20158 - Milano
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20020414/fb35f2db/attachment.bin

More information about the samba-technical mailing list