1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

docs: Multiple passdb backend support has been removed

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Andrew Bartlett 2014-06-03 20:20:07 +12:00 committed by Jeremy Allison
parent 655cd95f00
commit 05d78aa205
3 changed files with 6 additions and 51 deletions

View File

@ -679,9 +679,8 @@ productivity.</para>
<indexterm><primary>mysqlsam</primary></indexterm>
<indexterm><primary>LDAP</primary></indexterm>
<indexterm><primary>distributed</primary></indexterm>
Samba is capable of using the <constant>smbpasswd</constant>,
<constant>tdbsam</constant>, <constant>xmlsam</constant>,
and <constant>mysqlsam</constant> authentication databases. The SMB
Samba is capable of using the <constant>smbpasswd</constant> and
<constant>tdbsam</constant>. The SMB
passwords can, of course, also be stored in an LDAP ldapsam
backend. LDAP is the preferred passdb backend for distributed network
operations.
@ -689,9 +688,7 @@ productivity.</para>
<para>
<indexterm><primary>passdb backend</primary></indexterm>
Additionally, it is possible to use multiple passdb backends
concurrently as well as have multiple LDAP backends. As a result, you
can specify a failover LDAP backend. The syntax for specifying a
You can specify a failover LDAP backend. The syntax for specifying a
single LDAP backend in &smb.conf; is:
<screen>
...
@ -722,48 +719,6 @@ passdb backend = ldapsam:"ldap://master.abmas.biz \
</figure>
</para>
<para>
Some folks have tried to implement this without the use of double quotes. This is the type of entry they
created:
<screen>
...
passdb backend = ldapsam:ldap://master.abmas.biz \
ldapsam:ldap://slave.abmas.biz
...
</screen>
<indexterm><primary>contiguous directory</primary></indexterm>
The effect of this style of entry is that Samba lists the users
that are in both LDAP databases. If both contain the same information,
it results in each record being shown twice. This is, of course, not the
solution desired for a failover implementation. The net effect of this
configuration is shown in <link linkend="ch7dualadd"/>
</para>
<figure id="ch7dualadd">
<title>Samba Configuration to Use Dual LDAP Databases - Broken - Do Not Use!</title>
<imagefile scale="55">ch7-dual-additive-LDAP</imagefile>
</figure>
<para>
If, however, each LDAP database contains unique information, this may
well be an advantageous way to effectively integrate multiple LDAP databases
into one seemingly contiguous directory. Only the first database will be updated.
An example of this configuration is shown in <link linkend="ch7dualok"/>.
</para>
<figure id="ch7dualok">
<title>Samba Configuration to Use Two LDAP Databases - The result is additive.</title>
<imagefile scale="55">ch7-dual-additive-LDAP-Ok</imagefile>
</figure>
<note><para>
When the use of ldapsam is specified twice, as shown here, it is imperative
that the two LDAP directories must be disjoint. If the entries are for a
master LDAP server as well as its own slave server, updates to the LDAP
database may end up being lost or corrupted. You may safely use multiple
LDAP backends only if both are entirely separate from each other.
</para></note>
<para>
It is assumed that the network you are working with follows in a
pattern similar to what was covered in <link linkend="happy"/>. The following steps

View File

@ -425,8 +425,8 @@
further challenges ahead.
</para>
<para><emphasis>TechInfo</emphasis> &smbmdash; Slave LDAP servers are introduced. Samba is
configured to use multiple LDAP backends. This is a brief chapter; it assumes that the
<para><emphasis>TechInfo</emphasis> &smbmdash; Slave
LDAP servers are introduced. This is a brief chapter; it assumes that the
technology has been mastered and gets right down to concepts and how to deploy them.
</para>
</listitem>

View File

@ -88,7 +88,7 @@ So, what are the benefits of the features mentioned in this chapter?
<listitem><para>
<indexterm><primary>account</primary><secondary>database</secondary><tertiary>backends</tertiary></indexterm>
<indexterm><primary>encrypted</primary></indexterm>
Samba permits use of multiple concurrent account database backends.
Samba permits use of multiple account database backends.
(Encrypted passwords that are stored in the account database are in
formats that are unique to Windows networking).
</para></listitem>