Multiple passdb backends
Andrew Bartlett
abartlet at pcug.org.au
Thu Feb 28 02:27:25 GMT 2002
Simo Sorce wrote:
>
> On Wed, 2002-02-27 at 18:34, Jelmer Vernooij wrote:
> > Hello,
> >
> > Samba currently supports only one passdb backend at a time. It would
> > be nice to be able to load multiple backends, just like nsswitch and
> > pam. When multiple backends are supported, it would be possible to
> > (just some examples):
> >
> > - use users from a ldap database and a mysql database
> > - use a global ldap database and use a 'local' smbpasswd database
> > - use two mysql databases (on two servers, for example)
> >
> > feedback, please :)
>
> yes we already talked about that, more desin is needed!
I originally opposed this, but I'm beginning to think its quite
feasable. The way it would work is to do searches on all databases,
returning the first match. Likewise enumerations are on a global
basis. Each SAM_ACCOUNT returned should include an opaque reference to
the passdb it was sourced from - that way you know how to update the
right DB on the way back. The only catch is adding users, and in that
case you just add them to the first - and let the admin decide the
order.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list