2004-04-07 10:15:11 +00:00
<samba:parameter name= "passdb backend"
context="G"
2006-07-06 19:08:36 +00:00
type="list"
2004-04-07 10:15:11 +00:00
advanced="1" developer="1"
2005-03-12 22:41:20 +00:00
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
2004-04-07 10:15:11 +00:00
<description >
2006-07-06 19:08:36 +00:00
<para > This option allows the administrator to chose which backend
will be used for storing user and possibly group information. This allows
2008-02-27 12:19:39 +00:00
you to swap between different storage mechanisms without recompile. </para>
2004-04-07 10:15:11 +00:00
2006-07-06 19:08:36 +00:00
<para > The parameter value is divided into two parts, the backend's name, and a 'location'
2004-04-07 10:15:11 +00:00
string that has meaning only to that particular backed. These are separated
by a : character.</para>
<para > Available backends can include:
<itemizedlist >
<listitem >
2009-05-27 12:01:21 +02:00
<para > <command moreinfo= "none" > smbpasswd</command> - The old plaintext passdb
backend. Some Samba features will not work if this passdb
backend is used. Takes a path to the smbpasswd file as an
optional argument.
2004-04-07 10:15:11 +00:00
</para>
</listitem>
<listitem >
<para > <command moreinfo= "none" > tdbsam</command> - The TDB based password storage
backend. Takes a path to the TDB as an optional argument (defaults to passdb.tdb
2005-07-06 21:23:58 +00:00
in the <smbconfoption name= "private dir" /> directory.</para>
2004-04-07 10:15:11 +00:00
</listitem>
<listitem >
<para > <command moreinfo= "none" > ldapsam</command> - The LDAP based passdb
backend. Takes an LDAP URL as an optional argument (defaults to
<command moreinfo= "none" > ldap://localhost</command> )</para>
<para > LDAP connections should be secured where possible. This may be done using either
2005-07-06 21:23:58 +00:00
Start-TLS (see <smbconfoption name= "ldap ssl" /> ) or by
2004-04-07 10:15:11 +00:00
specifying <parameter moreinfo= "none" > ldaps://</parameter> in
the URL argument. </para>
2008-04-07 15:36:23 +00:00
<para > Multiple servers may also be specified in double-quotes.
Whether multiple servers are supported or not and the exact
syntax depends on the LDAP library you use.
2004-04-07 10:15:11 +00:00
</para>
</listitem>
</itemizedlist>
2005-07-06 04:05:49 +00:00
2004-04-07 10:15:11 +00:00
</para>
2005-07-06 04:05:49 +00:00
Examples of use are:
2005-08-25 16:49:40 +00:00
<programlisting >
2006-07-06 19:08:36 +00:00
passdb backend = tdbsam:/etc/samba/private/passdb.tdb
2005-07-06 01:04:05 +00:00
2008-04-07 15:36:23 +00:00
or multi server LDAP URL with OpenLDAP library:
2005-07-06 01:04:05 +00:00
2006-07-06 19:08:36 +00:00
passdb backend = ldapsam:"ldap://ldap-1.example.com ldap://ldap-2.example.com"
2008-04-07 15:36:23 +00:00
or multi server LDAP URL with Netscape based LDAP library:
passdb backend = ldapsam:"ldap://ldap-1.example.com ldap-2.example.com"
2005-08-25 16:49:40 +00:00
</programlisting>
2005-07-06 04:05:49 +00:00
</description>
2009-05-27 12:01:21 +02:00
<value type= "default" > tdbsam</value>
2004-04-07 10:15:11 +00:00
</samba:parameter>
