diff options
Diffstat (limited to 'docs-xml/smbdotconf/security/passdbbackend.xml')
-rw-r--r-- | docs-xml/smbdotconf/security/passdbbackend.xml | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/passdbbackend.xml b/docs-xml/smbdotconf/security/passdbbackend.xml new file mode 100644 index 0000000..8265b3e --- /dev/null +++ b/docs-xml/smbdotconf/security/passdbbackend.xml @@ -0,0 +1,65 @@ +<samba:parameter name="passdb backend" + context="G" + type="string" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + + <para>This option allows the administrator to chose which backend + will be used for storing user and possibly group information. This allows + you to swap between different storage mechanisms without recompile. </para> + + <para>The parameter value is divided into two parts, the backend's name, and a 'location' + string that has meaning only to that particular backed. These are separated + by a : character.</para> + + <para>Available backends can include: + <itemizedlist> + <listitem> + <para><command moreinfo="none">smbpasswd</command> - The old plaintext passdb + backend. Some Samba features will not work if this passdb + backend is used. Takes a path to the smbpasswd file as an + optional argument. + </para> + </listitem> + + <listitem> + <para><command moreinfo="none">tdbsam</command> - The TDB based password storage + backend. Takes a path to the TDB as an optional argument (defaults to passdb.tdb + in the <smbconfoption name="private dir"/> directory.</para> + </listitem> + + <listitem> + <para><command moreinfo="none">ldapsam</command> - The LDAP based passdb + backend. Takes an LDAP URL as an optional argument (defaults to + <command moreinfo="none">ldap://localhost</command>)</para> + + <para>LDAP connections should be secured where possible. This may be done using either + Start-TLS (see <smbconfoption name="ldap ssl"/>) or by + specifying <parameter moreinfo="none">ldaps://</parameter> in + the URL argument. </para> + + <para>Multiple servers may also be specified in double-quotes. + Whether multiple servers are supported or not and the exact + syntax depends on the LDAP library you use. + </para> + + </listitem> + </itemizedlist> + + </para> + Examples of use are: +<programlisting> +passdb backend = tdbsam:/etc/samba/private/passdb.tdb + +or multi server LDAP URL with OpenLDAP library: + +passdb backend = ldapsam:"ldap://ldap-1.example.com ldap://ldap-2.example.com" + +or multi server LDAP URL with Netscape based LDAP library: + +passdb backend = ldapsam:"ldap://ldap-1.example.com ldap-2.example.com" +</programlisting> +</description> + +<value type="default">tdbsam</value> +</samba:parameter> |