2004-04-07 14:15:11 +04:00
<samba:parameter name= "passdb backend"
context="G"
2015-05-01 00:32:45 +03:00
type="string"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
2004-04-07 14:15:11 +04:00
<description >
2006-07-06 23:08:36 +04:00
<para > This option allows the administrator to chose which backend
will be used for storing user and possibly group information. This allows
2008-02-27 15:19:39 +03:00
you to swap between different storage mechanisms without recompile. </para>
2004-04-07 14:15:11 +04:00
2006-07-06 23:08:36 +04:00
<para > The parameter value is divided into two parts, the backend's name, and a 'location'
2004-04-07 14:15:11 +04:00
string that has meaning only to that particular backed. These are separated
by a : character.</para>
<para > Available backends can include:
<itemizedlist >
<listitem >
2009-05-27 14:01:21 +04:00
<para > <command moreinfo= "none" > smbpasswd</command> - The old plaintext passdb
backend. Some Samba features will not work if this passdb
backend is used. Takes a path to the smbpasswd file as an
optional argument.
2004-04-07 14:15:11 +04:00
</para>
</listitem>
<listitem >
<para > <command moreinfo= "none" > tdbsam</command> - The TDB based password storage
backend. Takes a path to the TDB as an optional argument (defaults to passdb.tdb
2005-07-07 01:23:58 +04:00
in the <smbconfoption name= "private dir" /> directory.</para>
2004-04-07 14:15:11 +04:00
</listitem>
<listitem >
<para > <command moreinfo= "none" > ldapsam</command> - The LDAP based passdb
backend. Takes an LDAP URL as an optional argument (defaults to
<command moreinfo= "none" > ldap://localhost</command> )</para>
<para > LDAP connections should be secured where possible. This may be done using either
2005-07-07 01:23:58 +04:00
Start-TLS (see <smbconfoption name= "ldap ssl" /> ) or by
2004-04-07 14:15:11 +04:00
specifying <parameter moreinfo= "none" > ldaps://</parameter> in
the URL argument. </para>
2008-04-07 19:36:23 +04:00
<para > Multiple servers may also be specified in double-quotes.
Whether multiple servers are supported or not and the exact
syntax depends on the LDAP library you use.
2004-04-07 14:15:11 +04:00
</para>
</listitem>
</itemizedlist>
2005-07-06 08:05:49 +04:00
2004-04-07 14:15:11 +04:00
</para>
2005-07-06 08:05:49 +04:00
Examples of use are:
2005-08-25 20:49:40 +04:00
<programlisting >
2006-07-06 23:08:36 +04:00
passdb backend = tdbsam:/etc/samba/private/passdb.tdb
2005-07-06 05:04:05 +04:00
2008-04-07 19:36:23 +04:00
or multi server LDAP URL with OpenLDAP library:
2005-07-06 05:04:05 +04:00
2006-07-06 23:08:36 +04:00
passdb backend = ldapsam:"ldap://ldap-1.example.com ldap://ldap-2.example.com"
2008-04-07 19:36:23 +04:00
or multi server LDAP URL with Netscape based LDAP library:
passdb backend = ldapsam:"ldap://ldap-1.example.com ldap-2.example.com"
2005-08-25 20:49:40 +04:00
</programlisting>
2005-07-06 08:05:49 +04:00
</description>
2009-05-27 14:01:21 +04:00
<value type= "default" > tdbsam</value>
2004-04-07 14:15:11 +04:00
</samba:parameter>
