[Samba] backup of tdb files
Philipp Gesang
philipp.gesang at intra2net.com
Thu Oct 25 07:57:44 UTC 2018
-<| Quoting Andrew Bartlett <abartlet at samba.org>, on Thursday, 2018-10-25 08:36:02 PM |>-
> On Thu, 2018-10-25 at 09:16 +0200, Philipp Gesang wrote:
> > Hi Andrew,
> >
> > thank you for your reply.
> >
> > I’m working on a patchset that allows extracting the machine
> > account credentials so they can be stored outside Samba. That
> > part is already working.
>
> Can you remind us of the current patch?
I’ll post it as soon as I get the tests right.
> > The goal is now to always have up to
> > date values stored away to minimize the possibility that a
> > re-join is needed after replaying the creds from a backup. The
> > join requires manual intervention and elevated privileges so it
> > is quite undesirable to request it unless absolutely necessary
> > (e. g. password changed since last backup).
> >
> > There is of course always the option of monitoring secrets.tdb
> > with inotify and acting on change events. It would be more
> > convenient though if I could just throw a script at Samba and
> > have it executed at the right moment.
>
> Perhaps set:
> machine password timeout = 0
> in the smb.conf
>
> and then run
> wbinfo --change-secret
>
> and then do the backup?
Perfect! Thanks a lot.
Philipp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba/attachments/20181025/cd3f3a3c/signature.sig>
More information about the samba
mailing list