Plugable passdb (SAM) modules

Andrew Bartlett abartlet at
Tue Jan 15 09:11:47 GMT 2002

I've started on an implementation of plugable passdb modules.

My particular interst in this is to allow me to do 'intersting' things
without having to recompile as I move betwen modules.  (Like having
users without a unix identity and other such objectionable notions).

The idea is that there would be 'yet another smb.conf option': passdb
backend = ...

This would select from the list of available modules and load it at
startup. (first passdb access or init).

This requries a few changes, but I intend to wrap most of them behind
the same external interface.  Internally, each passdb module will have
an init function that fills in and returns a struct containing function

It will also have a void * in which it can store state (file handles,
ldap handles etc).  This should remove the need for statics.

I'm also be implementing the 'reread' changes to the interface, where an
add/update/delete don't 'succeed' until a re-read of the db produces a
compatible result and the SAM_ACCOUNT passed for that user is updated.

This whole this will look much like my auth work once its all done.

The main problem with all this (once I get it coded, tested etc) is the
fact that it will spoil all hopes of keeping 2.2 in sync on the passdb
side of things.  This is the main reason for this e-mail:  A heads up
and an oppotunity to say 'don't commit it any time soon' or the like...

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at

More information about the samba-technical mailing list