1 <samba:parameter name="passdb backend"
3 advanced="1" developer="1"
4 xmlns:samba="http://samba.org/common">
7 <para>This option allows the administrator to chose which backends
8 to retrieve and store passwords with. This allows (for example) both
9 smbpasswd and tdbsam to be used without a recompile. Multiple
10 backends can be specified, separated by spaces. The backends will be
11 searched in the order they are specified. New users are always added
12 to the first backend specified. </para>
14 <para>This parameter is in two parts, the backend's name, and a 'location'
15 string that has meaning only to that particular backed. These are separated
16 by a : character.</para>
18 <para>Available backends can include:
21 <para><command moreinfo="none">smbpasswd</command> - The default smbpasswd
22 backend. Takes a path to the smbpasswd file as an optional argument.
27 <para><command moreinfo="none">tdbsam</command> - The TDB based password storage
28 backend. Takes a path to the TDB as an optional argument (defaults to passdb.tdb
29 in the <link linkend="PRIVATEDIR">
30 <parameter moreinfo="none">private dir</parameter></link> directory.</para>
34 <para><command moreinfo="none">ldapsam</command> - The LDAP based passdb
35 backend. Takes an LDAP URL as an optional argument (defaults to
36 <command moreinfo="none">ldap://localhost</command>)</para>
38 <para>LDAP connections should be secured where possible. This may be done using either
39 Start-TLS (see <link linkend="LDAPSSL"><parameter moreinfo="none">ldap ssl</parameter></link>) or by
40 specifying <parameter moreinfo="none">ldaps://</parameter> in
41 the URL argument. </para>
45 <para><command moreinfo="none">nisplussam</command> -
46 The NIS+ based passdb backend. Takes name NIS domain as
47 an optional argument. Only works with sun NIS+ servers.
52 <para><command moreinfo="none">mysql</command> -
53 The MySQL based passdb backend. Takes an identifier as
54 argument. Read the Samba HOWTO Collection for configuration
59 <para><command moreinfo="none">guest</command> -
60 Very simple backend that only provides one user: the guest user.
61 Only maps the NT guest user to the <parameter>guest account</parameter>.
62 Required in pretty much all situations.
68 <para>Default: <command moreinfo="none">passdb backend = smbpasswd</command></para>
70 <para>Example: <command moreinfo="none">passdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd guest</command></para>
72 <para>Example: <command moreinfo="none">passdb backend = ldapsam:ldaps://ldap.example.com guest</command></para>
74 <para>Example: <command moreinfo="none">passdb backend = mysql:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb guest</command></para>