Testing and the 'new SAM'
abartlet at samba.org
Wed Oct 2 10:34:00 GMT 2002
Some more jottings on bits of the 'new SAM' stuff.
Testing is vital in any piece of software, and Samba is certainly no
exception. In designing this new subsystem, we have taken care to ensure
it is easily tested, independent of outside protocols.
To this end, Jelmer has constructed 'samtest'.
This utility (see torture/samtest.c) is structured like rpcclient, but
instead operates on the SAM subsystem. It creates a 'custom' SAM
context, that may be distinct from the default values used by the rest
of the system, and can load a separate configuration file.
A small number of commands are currently implemented, but these have
already proved vital in testing. I expect SAM module authors will find
it particularly valuable.
> context ads:ldap://192.168.1.96
(this loads a new context, using the new ADS module. The paramater is
the 'location' of the ldap server)
> lookup_name DOMAIN abartlet
(returns a sid).
Because the 'new SAM' is NT ACL based, there will be a command to
specify an arbitrary NT ACL, but for now it uses 'system' by default.
This is the first of the SAM modules to be committed to the tree -
mainly because I needed to coordinate work with metze (who authored most
of it). This module aims to use Samba's libads code to provide an
Active Directory LDAP client, suitable for use on a mixed-mode DC.
While it is currently being tested against Win2k servers (with a
password in the smb.conf file) it is expected to eventually use a
(possibly modified) OpenLDAP server. We hope that this will assist in
the construction of an Samba AD DC.
We also intend to construct a Samba 2.2/3.0 compatible ldap module,
again using libads code.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical