[PATCH] change SAM DB (files,tdb,ldap,nisplus) in smb.conf

Stefan (metze) Metzmacher metze at metzemix.de
Fri Jan 4 00:41:04 GMT 2002


At 11:57 29.12.2001 -0600, you wrote:

>Stefan,
>
>While I like the intent of the patch, I'm not going to apply it.
>The reason is that having to redefine pdb_getsampwXX() to
>handle a large switch() statement in order to deal with all
>of the possible samdb backends is fairly awkward.
>
>We need to move back to a structure of function pointers and
>then enable the various lookups by adding the structure to a list
>of backend methods.  This should be done via shared libraries.
>We just haven't sat down and done it yet.

Hi Jerry,
I think it could be done the same way the auth methods parameter
(samba 3.0) is done.

What do you think about it? Is that the right approach?

metze

----------------------------
in smb.conf you can list the backends in the order they should be called.

default:
samdb backends = files

may be changed to:
samdb backends = ldap tdb

or:
samdb backends = nisplus files
--------------------------

###################
like in auth/auth.c
###################
/*
 * Excerpt of check_password() as quoted from auth/auth.c; the "..." lines
 * mark code the author left out.
 *
 * The visible part walks auth_info->auth_method_list in list order and asks
 * each method in turn to authenticate the user.  The first method that
 * returns an OK status ends the walk; any non-OK status moves on to the next
 * method.  The status of the last method tried is what reaches the return
 * statement, unless the elided code changes it.
 */
NTSTATUS check_password(const auth_usersupplied_info *user_info,
                         const auth_authsupplied_info *auth_info,
                         auth_serversupplied_info **server_info)
{

...

         /* Methods are tried strictly in list order, so the configured order
            decides which method gets to answer first. */
         for (auth_method = auth_info->auth_method_list;auth_method; 
auth_method = auth_method->next)
         {
                 /* Per-attempt talloc context, named after the method and the
                    domain\user being checked; destroyed below before the next
                    iteration. */
                 mem_ctx = talloc_init_named("%s authentication for user 
%s\\%s", auth_method->name,
                                             user_info->domain.str, 
user_info->smb_name.str);

                 /* Dispatch through the method's function pointer, handing it
                    the method's own private_data. */
                 nt_status = auth_method->auth(auth_method->private_data, 
mem_ctx, user_info, auth_info, server_info);
                 /* Success is logged at level 3, failure (with the NT error
                    text) at level 5. */
                 if (NT_STATUS_IS_OK(nt_status)) {
                         DEBUG(3, ("check_password: %s authentication for 
user [%s] suceeded\n",
                                   auth_method->name, 
user_info->smb_name.str));
                 } else {
                         DEBUG(5, ("check_password: %s authentication for 
user [%s] FAILED with error %s\n",
                                   auth_method->name, 
user_info->smb_name.str, get_nt_error_msg(nt_status)));
                 }

                 talloc_destroy(mem_ctx);

                 /* One accepting method is sufficient.  In the lines shown,
                    every non-OK status is treated alike: a definite rejection
                    and a method that could not decide both fall through to
                    the next method. */
                 if (NT_STATUS_IS_OK(nt_status)) {
                         break;
                 }
         }

....
         return nt_status;

}


#####################
Perhaps in this way?:
#####################
-------------------------------------------------------------------------------------------------------------
passdb/passdb.c
------------
/**********************************************************************
Get SAM_ACCOUNT entry  by username

Proposed sketch (the dotted lines mark parts not written out): walk the
configured samdb backends in list order and ask each one for the account
named sname, in the same way check_password() walks the auth methods.

NOTE(review): the sketch does not show when the walk stops or what is
returned.  If it continues to the next backend on every failure, as
check_password() does, an account that the first backend cannot serve
(backend unreachable, entry removed) could still be answered from an
older entry in a later backend; "no such user" and "backend error"
should be told apart before falling through.
*********************************************************************/
BOOL pdb_getsampwnam(SAM_ACCOUNT * user, const char *sname)
{
..............
         /* Backends are consulted in the order they appear in sam_db_list
            (presumably the order given in smb.conf -- confirm). */
         for (sam_db = sam_info->sam_db_list;sam_db; sam_db = sam_db->next)
         {
                 /* NOTE(review): mem_ctx is created here but is not passed to
                    the backend call below, and no talloc_destroy() is visible
                    in this sketch; it needs to be destroyed on every
                    iteration, as check_password() does. */
                 mem_ctx = talloc_init_named("Use %s samdb backend to do 
authentication for user %s", sam_db->name, sname);

                 /* NOTE(review): getsampwnam is declared as returning BOOL in
                    the include/samdb.h sketch, yet the result is stored in
                    nt_status; pick one convention.  A BOOL cannot carry the
                    reason for a failure. */
                 nt_status = sam_db->getsampwnam(user,sname);
                 ...

..............
}
----------------------------------------------------------------------------------
include/samdb.h
------------
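/*
 * One entry in the ordered list of SAM database backends.  Each entry
 * carries the backend's name plus one function pointer per passdb
 * operation; the proposed pdb_getsampwnam() walks the list through ->next.
 *
 * Unlike the auth method entries used by check_password(), no per-backend
 * private_data pointer is carried here.
 *
 * NOTE(review): the sketch does not say which backend receives the write
 * operations (add/update/delete) when several are listed.  That needs to be
 * defined, so that a change such as removing an account cannot land in one
 * backend while lookups are still answered from another.
 */
typedef struct samdb_backends
{
         /* List links.  These use this struct's own tag so that
            sam_db = sam_db->next yields a compatible pointer type. */
         struct samdb_backends *prev, *next;
         char *name; /* Name this backend is known by */

         /* Account enumeration (presumably open / close / fetch next,
            mirroring the existing pdb_* functions -- confirm). */
         BOOL (*setsampwent)(BOOL update);
         void (*endsampwent)(void);
         BOOL (*getsampwent)(SAM_ACCOUNT * user);

         /* Lookup of a single account, by name or by RID. */
         BOOL (*getsampwnam)(SAM_ACCOUNT * user, const char *sname);
         BOOL (*getsampwrid)(SAM_ACCOUNT * user, uint32 rid);

         /* Account modification. */
         BOOL (*delete_sam_account)(const char *sname);
         BOOL (*update_sam_account)(const SAM_ACCOUNT * newpwd, BOOL override);
         BOOL (*add_sam_account)(const SAM_ACCOUNT * newpwd);
} samdb_backends;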

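/*
 * Associates a backend name with the function that builds its list entry.
 *
 * NOTE(review): the table in passdb/sam_info.c is declared as
 * `struct samdb_init_function`, while the tag here is sam_init_function and
 * the typedef name auth_init_function looks carried over from the auth
 * code; settle on one name before this is compiled.
 */
typedef struct sam_init_function {
         char *name;
         /* Function to create a member of the samdb backend list.  The
            parameter uses the samdb_backends struct tag so that it matches
            the signature of samdb_init_ldap(). */
         BOOL (*init)(struct samdb_backends **sam_db);
} auth_init_function;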
------------------------------------------------------------------------------------
passdb/sam_info.c
-----------------
/*
 * Built-in samdb backends: each row pairs a backend name with its init
 * function; the { NULL, NULL } row terminates the table.
 *
 * NOTE(review): presumably the names are matched against the tokens of
 * `samdb backends` in smb.conf -- confirm.  The sketch does not show what
 * happens for a token that is not in this table; refusing the configuration
 * rather than silently skipping the token would keep a misspelt name from
 * changing which account database is consulted.
 *
 * NOTE(review): include/samdb.h declares the struct tag as
 * sam_init_function, not samdb_init_function.
 */
const struct samdb_init_function builtin_samdb_init_functions[] = {
         { "files", samdb_init_files },
         { "tdb", samdb_init_tdb },
         { "ldap", samdb_init_ldap },
         { "nisplus", samdb_init_nisplus },
         { NULL, NULL}
};
...
------------------------------------------------------------------------------------
passdb/pdb_ldap.c
------------------
/*
 * Set up the "ldap" samdb backend entry.
 *
 * make_samdb_backend() is asked to provide the entry in *sam_db; every
 * operation slot of that entry is then pointed at the matching ldap_pwd_*
 * implementation.
 *
 * Returns False when make_samdb_backend() reports failure (no slot is
 * touched in that case), True once all eight slots are filled in.
 */
BOOL samdb_init_ldap(samdb_backends **sam_db)
{
         samdb_backends *backend;

         if (!make_samdb_backend(sam_db))
                 return False;

         backend = *sam_db;

         /* Enumeration */
         backend->setsampwent = ldap_pwd_setsampwent;
         backend->endsampwent = ldap_pwd_endsampwent;
         backend->getsampwent = ldap_pwd_getsampwent;

         /* Lookup */
         backend->getsampwnam = ldap_pwd_getsampwnam;
         backend->getsampwrid = ldap_pwd_getsampwrid;

         /* Modification */
         backend->delete_sam_account = ldap_pwd_delete_sam_account;
         backend->update_sam_account = ldap_pwd_update_sam_account;
         backend->add_sam_account = ldap_pwd_add_sam_account;

         return True;
}
------------------------------------------------------------------------------------

MfG
metze

Stefan "metze" Metzmacher <metze at metzemix.de>




