[Samba] Group Mapping in MySQL backend

Bjoern Scheuermann bjoern at solution.de
Wed Feb 4 18:32:20 GMT 2004


Hi Jelmer,

> > I also consider a little patch for being able to use one single table for
> > nss_mysql's and samba's data. More precise, I don't want smbpasswd -a or
> > a samba domain join to fail if a row with the given UID/username already
> > exists, but rather to fill the "samba-columns", i.e. doing an UPDATE
> > instead of an INSERT, if the ID already exists.
>
> That's a one-liner. INSERT should be replaced with REPLACE in that
> case.

ah - no. I don't want to lose the values in all the non-samba columns. :-)

> > > > > And - by the way - is there any reason why pdb_mysql should not
> > > > > (yet) be used in larger installations (several hundert clients), or
> > > > > why several servers shouldn't share one common database? Are there
> > > > > any experiences regarding such installations, or are any problems
> > > > > already known?
> > > >
> > > > Nobody using it with more than a few users/clients?
> > > > What a pitty...
> > >
> > > There are a couple of large installations out there. It's just that
> > > LDAP is more commonly used for user databases. Other reasons might be:
> > >
> > > - libnss_mysql doesn't work very well (at least, last time I tried it)
> >
> > Works fine for me at the moment, although just in a really small
> > experimental setup. Do you have some more information on what kind of
> > problems occured? Maybe I could do some more specific tests then.
>
> I had random crashes, etc, so I wrote my own
> libnss_mysql back then. I'm not sure how the code is these days,
> though.

Hmm, I think I have to do some real-world testing as soon as possible then...

> > > - user databases are most of the time read-only operations, something
> > > LDAP is optimized for
> > > - Easier extension of fields stored for users - it's easy to add a
> > > schema, while in MySQL you would have to modify your table.
> >
> > We're working on an authentication scheme for server installations in
> > schools, and we'll regularly have some quite complicated and large-scale
> > automated modifications in the user and group structure -- at least once
> > a year. Additionally we have some privilege-related user- and
> > group-metadata with various kinds of relations, which doesn't fit into a
> > tree structure very well and gets updated quite often.
> > Therefore we got the idea of putting it all into a SQL database.
>
> Ah, cool. It's always nice to hear when people are using the software
> you wrote :-)

It's always nice to have people writing software that exactly does what you 
need :-)

Thanks a lot!


Bjoern


More information about the samba mailing list