Multiple passdb backends
Andrew Bartlett
abartlet at pcug.org.au
Thu Feb 28 15:20:03 GMT 2002
Jean Francois Micouleau wrote:
>
> On Thu, 28 Feb 2002, Andrew Bartlett wrote:
>
> > Simo Sorce wrote:
> > >
> > > On Wed, 2002-02-27 at 18:34, Jelmer Vernooij wrote:
> > > > Hello,
> > > >
> > > > Samba currently supports only one passdb backend at a time. It would
> > > > be nice to be able to load multiple backends, just like nsswitch and
> > > > pam. When multiple backends are supported, it would be possible to
> > > > (just some examples):
> > > >
> > > > - use users from a ldap database and a mysql database
> > > > - use a global ldap database and use a 'local' smbpasswd database
> > > > - use two mysql databases (on two servers, for example)
> > > >
> > > > feedback, please :)
> > >
> > > yes we already talked about that, more desin is needed!
> >
> > I originally opposed this, but I'm beginning to think its quite
> > feasable. The way it would work is to do searches on all databases,
> > returning the first match. Likewise enumerations are on a global
> > basis. Each SAM_ACCOUNT returned should include an opaque reference to
> > the passdb it was sourced from - that way you know how to update the
> > right DB on the way back.
>
> no opaque thingy, opaque is bad, opaque is evil.
By 'opaque' I was meaning that users (auth/auth_sam.c,
rpc_server/srv_samr_nt.c etc) don't need to see this reference, and
don't need to care about it.
> add an ops field to the SAM_ACCOUNT struct with ptrs to the SAM backend
> functions.
Yes, thats the way to do it.
> The only catch is adding users, and in that
> > case you just add them to the first - and let the admin decide the
> > order.
>
> yes.
>
> J.F.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list