proposal for remotable smb.conf via \winreg pipe

Gerald (Jerry) Carter jerry at samba.org
Mon Jul 18 20:20:14 GMT 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've talked to a couple of people about this and it seems like
it has some possibility so here's the request for comments.

Background
==========

While dealing with printmig.exe, it became apparent to me
that we could stand to consolidate some data storage rather
than having separate storage formats for every tdb.  Note
that this does not necessarily mean consolidating tdbs which
in fact there are good reasons to keep information some
information separate.

The current code in SAMBA_3_0 allows for virtualizing tdbs
into a single logical registry.  Windows expects that
information written on one pipe show up on other pipes
instantaneously.  Very similar to how AD expects data written
via one protocol to be immediately accessible via another
protocol.

Using \winreg for Remote Administration
=======================================

What I'm considering is adding a new registry path to Samba3
(HKLM\SOFTWARE\Samba\Config).  Each subkey below this path
would represent a service in smb.conf and each value/data pair
would be a parameter = value line from smb.conf.

By modifying values and keys via this interface, remote
management applications could manage Samba server configurations.
This even has advantages with the client and server on the same
machine.  For example, consider a plugin for Konqueror or Nautilus
that allows a user for sharing their own directories.  Access
control to smb.conf can be done via a security descriptor model
enforced by the smb.conf registry backend.

By providing the management interface, anyone can write
their own management tools (local or remote).


Key Pieces
==========

The following pieces are pretty crucial to getting this in a
really useful state.

* a user rpc library for existing winreg calls (in progress)
* exposing smb.conf via winreg (small amount of work)
* providing granular access to portions of smb.conf

I'm going to gloss over this last point for now as to focus on
the question whether or not there are more people in this type
of remote administration protocol.

I can expand on this some more if people are interested.





cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFC3A7+IR7qMdg1EfYRApscAKDIMZU3KDP+eTeh0p42oi5N7ecuaQCg61nO
/RF/VFk6NAARGwIgBWAxpZg=
=IlBw
-----END PGP SIGNATURE-----

More information about the samba-technical mailing list