samba configuration via rpc - beyond registry shares

David Collier-Brown davec-b at
Wed Jan 3 14:48:56 GMT 2007

Chetan S wrote:
> On 1/2/07, Matthew Geddes <musicalcarrion at> wrote:
  > The basic problems in writing back being "include" and macros. Writing
> back can quickly become a nightmare unless meta data is stored about
> smb.conf in a tdb/ldb.
> Or removing smb.conf altogether ( i don't see that happening though ).
> Or exposing a set of parameters for configuration via rpc with higher
> precedence over the smb.conf values.
> Which ones make sense or neither of them ?
> The biggest problem is of security which I've been told is not trivial
> considering the time it took to get some samba elements secure enough.

   As an initial step, one should be able to request the state be
written out in textual form, so you can use a side-by-side diff
program to inspect the differences between the registry and the
smb.conf, and then either commit or abort the changes to both
the smb.conf and the registry.

   The latter might be done by evaluating the smb.conf and "pushing"
the state of it to the registry...

   Think of this as a synchronization problem: one doesn't necessarily
have a master, one has a way of committing individual changes from
either to both, and it;s easiest for a Unix person to do that at the
Samba end.

David Collier-Brown,         | Always do right. This will gratify
System Programmer and Author | some people and astonish the rest
davecb at           |                      -- Mark Twain
(416) 223-5943

More information about the samba-technical mailing list