Sharing a 'System Read Access' LDB handle in Samba4

Andrew Bartlett abartlet at
Thu Jun 19 04:58:56 GMT 2008

On Wed, 2008-06-18 at 21:49 -0700, Luke Howard wrote:
> On 18/06/2008, at 7:04 PM, Andrew Bartlett wrote:
> > I'm looking for advise on how best to share a 'system read access' ldb
> > handle in Samba4.
> >
> > The role of this handle would be for all the processes in Samba that
> > acts as 'system', do not write to the database, and are invoked by
> > external events (ie, authentication attempts).
> Can you treat authentication attempts as read-only, given that they  
> may require audit-related attributes to be updated?

Hi Luke!

I suppose the depends if these are held in the main DB.  I was under the
impression that to avoid massive replication pressure, that these audit
logs were stored elsewhere, and the only thing to update would be the
'week of last logon' timestamp (from memory).  

What other attributes did you think needed updating?

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list