[PATCH] sam backend parameter

Andrew Bartlett abartlet at samba.org
Tue Oct 1 08:07:02 GMT 2002


"Stefan (metze) Metzmacher" wrote:
> 
> Hi Jelmer,
> 
> here's a patch witch changes the syntax of the sam backend parameter:
> 
> now it's plugin[|DOMAIN][:options] ... I think it nicer:-)
> 
> If you didn't accept that patch please move the 'strchr' to 'strrchr', (but
> there're also a few other bugs, in the parsing sam_backend_string in
> make_backend_entry()), because as it is now it didn't work with:
> 
> plugin[:options][|DOMAIN] :-(
> 
> plugin:/usr/lib/samba/sam_passdb.so:test|test2:test3|test4|MX.BASE

Well, I'm starting to think our syntax is just getting too complex.  All
the 'solutions' for putting 'domain' in there just look ugly!

Some poor admin has to construct this line, and even if they don't use
multidomain stuff (and that's almost everybody), then have to read the
doco that attempts to explain it.

I think we should remove the DOMAIN bit compleatly, and allow backends
to store both their own SID and thier domain name.  If they don't 'know'
it, then they can either chose the default, or use a 'parametric option'
to specify it.

EG:

sam backend = ads:ldap://foo smbpasswd:/etc/private/smbpasswd

sam 2:domain = DOM2

(Where the prefix 'sam 2' would belong to the second SAM on the line).

Likewise for all paramaters apart from a simple 'location' in the sam
backend line.

And yes, I know this reverses previous decisions on the interface, but
I'm starting to feel this is a much better way forward.  For example,
with the SAM storing the SID, you could just add a BDC to a LDAP server,
and not have to do 'suck SID' operations first.  

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net



More information about the samba-technical mailing list