smbpasswd backend used by default ?

Andrew Bartlett abartlet at
Mon Sep 15 23:32:51 GMT 2003

On Tue, 2003-09-16 at 02:15, Aurélien Degrémont wrote:
> Volker Lendecke wrote:
> > On Mon, Sep 15, 2003 at 10:15:01AM +0200, Aurélien Degrémont wrote:
> > 
> >>Backward compatibilty is good, and Samba 3 perfectly supports smbpasswd 
> >>backend, but use new features is better, particularly in this case.
> > 
> > 
> > Even if you started with smbpasswd, switching is very easy:
> > 
> > pdbedit -i smbpasswd -e tdbsam
> > 
> > Volker
> I know it's easy switching from smbpasswd to tdbsam.
> And it's very easy to configure smbpasswd backend when updating to Samba 
> 3.0.0, one line into smb.conf, and, possibly, one command to convert the 
> backend.
> Whereas, all new fresh installations of Samba 3 will use smbpasswd by 
> default, with no possibilities to use Windows 200X/NT accounts with this 
> backend.
> Is Samba 3 really done for this ?

Sorry?  smbpasswd is still quite functional, even for running a PDC. 
You might not be able to change all the settings per-user, and it lacks
the ability to track things like 'must change time', but it certainly

> I'm just making comments.
> The question is : "Do you prefer compatibility or better features ?"
> It seems that this question is not totally clear inside the Samba team, 
> and i think, that, for this case, new features are more important. In my 
> opinion, Samba 3 must, by default, be able to manage W2k accounts.

Samba is a sufficiently complex beast, and this upgrade is already going
to change some things for users.  While I support the move to encrypted
passwords by default, I see no compelling reason to move to tdbsam at
this late stage.  

For a simple file-server, tdbsam adds almost nothing over smbpasswd,
except the fact that the admin is no longer able (rightly or wrongly) to
edit the file directly.

People understand smbpasswd, they don't understand tdbsam, and we
shouldn't chose this moment to force them to.

Many of our users really don't want the 'better features' - they want
'better correctness' and 'fewer bugs', but those that want the 'better
features' are in a very good position to configure it's use.

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list