- Put functions for generating SQL queries in pdb_sql.c

- Add pgSQL backend (based on patch by Hamish Friedlander)
- Use query generate functions from pdb_mysql and pdb_pgsql
- Only pdb_pgsql.c needs to be changed whenever the fields in SAM_ACCOUNT change
(This used to be commit 65ad2c02fd2bf36d535c279ad290ab81e39f6816)

7 files changed, 1074 insertions, 507 deletions

diff --git a/source3/Makefile.in b/source3/Makefile.in
index 3fa53c577d..6a60ef0221 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -287,10 +287,11 @@ PASSDB_GET_SET_OBJ = passdb/pdb_get_set.o
 
 PASSDB_OBJ = $(PASSDB_GET_SET_OBJ) passdb/passdb.o passdb/pdb_interface.o \
 		passdb/machine_sid.o passdb/util_sam_sid.o passdb/pdb_compat.o \
-		passdb/privileges.o passdb/lookup_sid.o @PDB_STATIC@ 
+		passdb/privileges.o passdb/lookup_sid.o @PDB_STATIC@ passdb/pdb_sql.o
 
 XML_OBJ = passdb/pdb_xml.o
 MYSQL_OBJ = passdb/pdb_mysql.o
+PGSQL_OBJ = passdb/pdb_pgsql.o
 DEVEL_HELP_WEIRD_OBJ = modules/weird.o
 CP850_OBJ = modules/CP850.o
 CP437_OBJ = modules/CP437.o
@@ -1075,6 +1076,11 @@ bin/mysql.@SHLIBEXT@: $(MYSQL_OBJ:.o=.@PICSUFFIX@)
 	@$(SHLD) $(LDSHFLAGS) -o $@ $(MYSQL_OBJ:.o=.@PICSUFFIX@) @MYSQL_LIBS@ \
 		@SONAMEFLAG@`basename $@`
 
+bin/pgsql.@SHLIBEXT@: $(PGSQL_OBJ:.o=.po)
+	@echo "Building plugin $@"
+	@$(SHLD) $(LDSHFLAGS) -o $@ $(PGSQL_OBJ:.o=.po) @PGSQL_LIBS@ \
+      @SONAMEFLAG@`basename $@`
+
 bin/ldapsam.@SHLIBEXT@: passdb/pdb_ldap.@PICSUFFIX@
 	@echo "Building plugin $@"
 	@$(SHLD) $(LDSHFLAGS) $(LDAP_LIBS) -o $@ passdb/pdb_ldap.@PICSUFFIX@ \
diff --git a/source3/aclocal.m4 b/source3/aclocal.m4
index 96f265daf2..6de11953b4 100644
--- a/source3/aclocal.m4
+++ b/source3/aclocal.m4
@@ -484,6 +484,51 @@ AC_ARG_WITH(mysql-exec-prefix,[  --with-mysql-exec-prefix=PFX Exec prefix where
   AC_SUBST(MYSQL_LIBS)
 ])
 
+# =========================================================================
+# AM_PATH_PGSQL : pgSQL library
+
+dnl AM_PATH_PGSQL([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]])
+dnl Test for PGSQL, and define PGSQL_CFLAGS and PGSQL_LIBS
+dnl
+AC_DEFUN(AM_PATH_PGSQL,
+[dnl
+dnl Get the cflags and libraries from the pg_config script
+dnl
+AC_ARG_WITH(pgsql-prefix,[  --with-pgsql-prefix=PFX   Prefix where PostgreSQL is installed (optional)],
+            pgsql_prefix="$withval", pgsql_prefix="")
+AC_ARG_WITH(pgsql-exec-prefix,[  --with-pgsql-exec-prefix=PFX Exec prefix where PostgreSQL is installed (optional)],
+            pgsql_exec_prefix="$withval", pgsql_exec_prefix="")
+
+  if test x$pgsql_exec_prefix != x ; then
+     if test x${PGSQL_CONFIG+set} != xset ; then
+        PGSQL_CONFIG=$pgsql_exec_prefix/bin/pg_config
+     fi
+  fi
+  if test x$pgsql_prefix != x ; then
+     if test x${PGSQL_CONFIG+set} != xset ; then
+        PGSQL_CONFIG=$pgsql_prefix/bin/pg_config
+     fi
+  fi
+
+  AC_REQUIRE([AC_CANONICAL_TARGET])
+  AC_PATH_PROG(PGSQL_CONFIG, pg_config, no, [$PATH:/usr/lib/postgresql/bin])
+  AC_MSG_CHECKING(for PGSQL)
+  no_pgsql=""
+  if test "$PGSQL_CONFIG" = "no" ; then
+    PGSQL_CFLAGS=""
+    PGSQL_LIBS=""
+    AC_MSG_RESULT(no)
+     ifelse([$2], , :, [$2])
+  else
+    PGSQL_CFLAGS=-I`$PGSQL_CONFIG --includedir`
+    PGSQL_LIBS="-lpq -L`$PGSQL_CONFIG --libdir`"
+    AC_MSG_RESULT(yes)
+    ifelse([$1], , :, [$1])
+  fi
+  AC_SUBST(PGSQL_CFLAGS)
+  AC_SUBST(PGSQL_LIBS)
+])
+
 dnl Removes -I/usr/include/? from given variable
 AC_DEFUN(CFLAGS_REMOVE_USR_INCLUDE,[
   ac_new_flags=""
diff --git a/source3/configure.in b/source3/configure.in
index edb6576db1..02647bca47 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -2753,30 +2753,35 @@ fi
 
 ########################################################
 # Compile experimental passdb backends?
-# (pdb_xml, pdb_mysql)
+# (pdb_xml, pdb_mysql, pdb_pgsql)
 AC_MSG_CHECKING(whether to build experimental passdb libraries)
 AC_ARG_WITH(expsam,
 [  --with-expsam=<list>    Include experimental passdb libraries (default=no)]
 [                          Valid choices include (comma separated list): ]
-[                              xml & mysql],
+[                              xml, mysql & pgsql],
 [ expsam_pdb_modules=`echo "$withval" | sed 's/,/ /g'`
   if test "z$expsam_pdb_modules" = "zyes"; then
-    expsam_pdb_modules="xml mysql"
+    expsam_pdb_modules="xml mysql pgsql"
   fi
   AC_MSG_RESULT($expsam_pdb_modules)
   for i in $expsam_pdb_modules
   do 
     case "$i" in
-    xml)
+    xml|all|yes)
       ## pdb_xml
 	  AM_PATH_XML2([2.0.0],[default_shared_modules="$default_shared_modules pdb_xml"],[AC_MSG_ERROR([Can't find XML libraries while XML support is requested])])
       CFLAGS="$CFLAGS $XML_CFLAGS"
       ;;
-    mysql)
+    mysql|all|yes)
       ## pdb_mysql
 	  AM_PATH_MYSQL([default_shared_modules="$default_shared_modules pdb_mysql"],[AC_MSG_ERROR([Can't find MySQL libraries while MySQL support is requested])])
       CFLAGS="$CFLAGS $MYSQL_CFLAGS"
       ;;
+     pgsql|all|yes)
+      ## pdb_pgsql
+      AM_PATH_PGSQL([default_shared_modules="$default_shared_modules pdb_pgsql"],[])
+      CFLAGS="$CFLAGS $PGSQL_CFLAGS"
+      ;;
     no)
       ;;
     *)
@@ -4175,6 +4180,8 @@ SMB_MODULE(pdb_xml, passdb/pdb_xml.o, "bin/xml.$SHLIBEXT", PDB,
 		  [ PASSDB_LIBS="$PASSDB_LIBS $XML_LIBS" ] )
 SMB_MODULE(pdb_mysql, passdb/pdb_mysql.o, "bin/mysql.$SHLIBEXT", PDB, 
 		   [ PASSDB_LIBS="$PASSDB_LIBS $MYSQL_LIBS" ]	)
+SMB_MODULE(pdb_pgsql, passdb/pdb_pgsql.o, "bin/pgsql.$SHLIBEXT", PDB, 
+		   [ PASSDB_LIBS="$PASSDB_LIBS $PGSQL_LIBS" ]	)
 
 ## end of contributed pdb_modules
 ###########################################################################
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index 3e9036aef7..355d1286fd 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -300,4 +300,6 @@ struct pdb_init_function_entry {
 	struct pdb_init_function_entry *prev, *next;
 };
 
+enum sql_search_field { SQL_SEARCH_NONE = 0, SQL_SEARCH_USER_SID = 1, SQL_SEARCH_USER_NAME = 2};
+
 #endif /* _PASSDB_H */
diff --git a/source3/passdb/pdb_mysql.c b/source3/passdb/pdb_mysql.c
index 7c2c56e359..acc1eff829 100644
--- a/source3/passdb/pdb_mysql.c
+++ b/source3/passdb/pdb_mysql.c
@@ -1,7 +1,6 @@
-
 /*
  * MySQL password backend for samba
- * Copyright (C) Jelmer Vernooij 2002
+ * Copyright (C) Jelmer Vernooij 2002-2004
  * 
  * This program is free software; you can redistribute it and/or modify it under
  * the terms of the GNU General Public License as published by the Free
@@ -21,37 +20,6 @@
 #include "includes.h"
 #include <mysql/mysql.h>
 
-#define CONFIG_TABLE_DEFAULT				"user"
-#define CONFIG_LOGON_TIME_DEFAULT			"logon_time"
-#define CONFIG_LOGOFF_TIME_DEFAULT			"logoff_time"
-#define CONFIG_KICKOFF_TIME_DEFAULT			"kickoff_time"
-#define CONFIG_PASS_LAST_SET_TIME_DEFAULT		"pass_last_set_time"
-#define CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT		"pass_can_change_time"
-#define CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT 		"pass_must_change_time"
-#define CONFIG_USERNAME_DEFAULT 			"username"
-#define CONFIG_DOMAIN_DEFAULT				"domain"
-#define CONFIG_NT_USERNAME_DEFAULT  			"nt_username"
-#define CONFIG_FULLNAME_DEFAULT				"nt_fullname"
-#define CONFIG_HOME_DIR_DEFAULT				"home_dir"
-#define CONFIG_DIR_DRIVE_DEFAULT			"dir_drive"
-#define CONFIG_LOGON_SCRIPT_DEFAULT			"logon_script"
-#define CONFIG_PROFILE_PATH_DEFAULT			"profile_path"
-#define CONFIG_ACCT_DESC_DEFAULT			"acct_desc"
-#define CONFIG_WORKSTATIONS_DEFAULT			"workstations"
-#define CONFIG_UNKNOWN_STR_DEFAULT			"unknown_str"
-#define CONFIG_MUNGED_DIAL_DEFAULT			"munged_dial"
-#define CONFIG_USER_SID_DEFAULT				"user_sid"
-#define CONFIG_GROUP_SID_DEFAULT			"group_sid"
-#define CONFIG_LM_PW_DEFAULT				"lm_pw"
-#define CONFIG_NT_PW_DEFAULT				"nt_pw"
-#define CONFIG_PLAIN_PW_DEFAULT				"NULL"
-#define CONFIG_ACCT_CTRL_DEFAULT			"acct_ctrl"
-#define CONFIG_UNKNOWN_3_DEFAULT			"unknown_3"
-#define CONFIG_LOGON_DIVS_DEFAULT			"logon_divs"
-#define CONFIG_HOURS_LEN_DEFAULT			"hours_len"
-#define CONFIG_BAD_PASSWORD_COUNT_DEFAULT		"bad_password_count"
-#define CONFIG_LOGON_COUNT_DEFAULT			"logon_count"
-#define CONFIG_UNKNOWN_6_DEFAULT			"unknown_6"
 #define CONFIG_HOST_DEFAULT				"localhost"
 #define CONFIG_USER_DEFAULT				"samba"
 #define CONFIG_PASS_DEFAULT				""
@@ -69,14 +37,6 @@ typedef struct pdb_mysql_data {
 	const char *location;
 } pdb_mysql_data;
 
-/* Used to construct insert and update queries */
-
-typedef struct pdb_mysql_query {
-	char update;
-	TALLOC_CTX *mem_ctx;
-	char *part1;
-	char *part2;
-} pdb_mysql_query;
 #define SET_DATA(data,methods) { \
 	if(!methods){ \
 		DEBUG(0, ("invalid methods!\n")); \
@@ -89,125 +49,13 @@ typedef struct pdb_mysql_query {
 		} \
 }
 
-static void pdb_mysql_int_field(struct pdb_methods *m,
-					struct pdb_mysql_query *q, const char *name, int value)
-{
-	if (!name || strchr(name, '\''))
-		return;                 /* This field shouldn't be set by us */
-
-	if (q->update) {
-		q->part1 =
-			talloc_asprintf_append(q->mem_ctx, q->part1,
-								   "%s = %d,", name, value);
-	} else {
-		q->part1 =
-			talloc_asprintf_append(q->mem_ctx, q->part1, "%s,", name);
-		q->part2 =
-			talloc_asprintf_append(q->mem_ctx, q->part2, "%d,", value);
-	}
-}
-
-static NTSTATUS pdb_mysql_string_field(struct pdb_methods *methods,
-					   struct pdb_mysql_query *q,
-					   const char *name, const char *value)
-{
-	char *esc_value;
-	struct pdb_mysql_data *data;
-	char *tmp_value;
-
-	SET_DATA(data, methods);
-
-	if (!name || !value || !strcmp(value, "") || strchr(name, '\''))
-		return NT_STATUS_INVALID_PARAMETER;   /* This field shouldn't be set by module */
-
-	esc_value = malloc(strlen(value) * 2 + 1);
-
-	tmp_value = smb_xstrdup(value);
-	mysql_real_escape_string(data->handle, esc_value, tmp_value,
-							 strlen(tmp_value));
-	SAFE_FREE(tmp_value);
-
-	if (q->update) {
-		q->part1 =
-			talloc_asprintf_append(q->mem_ctx, q->part1,
-								   "%s = '%s',", name, esc_value);
-	} else {
-		q->part1 =
-			talloc_asprintf_append(q->mem_ctx, q->part1, "%s,", name);
-		q->part2 =
-			talloc_asprintf_append(q->mem_ctx, q->part2, "'%s',",
-								   esc_value);
-	}
-
-	SAFE_FREE(esc_value);
-
-	return NT_STATUS_OK;
-}
-
-#define config_value(data,name,default_value) \
-	lp_parm_const_string(GLOBAL_SECTION_SNUM, (data)->location, name, default_value)
-
-static const char * config_value_write(pdb_mysql_data * data, const char *name, const char *default_value) {
-	char const *v = NULL;
-	char const *swrite = NULL;
-
-	v = lp_parm_const_string(GLOBAL_SECTION_SNUM, data->location, name, default_value);
-
-	if (!v)
-		return NULL;
-
-	swrite = strrchr(v, ':');
-
-	/* Default to the same field as read field */
-	if (!swrite)
-		return v;
-
-	swrite++;
-
-	/* If the field is 0 chars long, we shouldn't write to it */
-	if (!strlen(swrite) || !strcmp(swrite, "NULL"))
-		return NULL;
-
-	/* Otherwise, use the additionally specified */
-	return swrite;
-}
-
-static const char * config_value_read(pdb_mysql_data * data, const char *name, const char *default_value)
-{
-	char *v = NULL;
-	char *swrite;
-
-	v = lp_parm_talloc_string(GLOBAL_SECTION_SNUM, data->location, name, default_value);
-
-	if (!v)
-		return "NULL";
-
-	swrite = strrchr(v, ':');
-
-	/* If no write is specified, there are no problems */
-	if (!swrite) {
-		if (strlen(v) == 0)
-			return "NULL";
-		return (const char *)v;
-	}
-
-	/* Otherwise, we have to cut the ':write_part' */
-	*swrite = '\0';
-	if (strlen(v) == 0)
-		return "NULL";
-
-	return (const char *)v;
-}
+#define config_value( data, name, default_value ) \
+  lp_parm_const_string( GLOBAL_SECTION_SNUM, (data)->location, name, default_value )
 
-/* Wrapper for atol that returns 0 if 'a' points to NULL */
-static long xatol(const char *a)
+static long xatol(const char *d)
 {
-	long ret = 0;
-
-	if (a != NULL)
-		ret = atol(a);
-
-	return ret;
+	if(!d) return 0;
+	return atol(d);
 }
 
 static NTSTATUS row_to_sam_account(MYSQL_RES * r, SAM_ACCOUNT * u)
@@ -285,72 +133,8 @@ static NTSTATUS mysqlsam_setsampwent(struct pdb_methods *methods, BOOL update)
 		return NT_STATUS_INVALID_HANDLE;
 	}
 
-	asprintf(&query,
-			 "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s",
-			 config_value_read(data, "logon time column",
-							   CONFIG_LOGON_TIME_DEFAULT),
-			 config_value_read(data, "logoff time column",
-							   CONFIG_LOGOFF_TIME_DEFAULT),
-			 config_value_read(data, "kickoff time column",
-							   CONFIG_KICKOFF_TIME_DEFAULT),
-			 config_value_read(data, "pass last set time column",
-							   CONFIG_PASS_LAST_SET_TIME_DEFAULT),
-			 config_value_read(data, "pass can change time column",
-							   CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT),
-			 config_value_read(data, "pass must change time column",
-							   CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT),
-			 config_value_read(data, "username column",
-							   CONFIG_USERNAME_DEFAULT),
-			 config_value_read(data, "domain column",
-							   CONFIG_DOMAIN_DEFAULT),
-			 config_value_read(data, "nt username column",
-							   CONFIG_NT_USERNAME_DEFAULT),
-			 config_value_read(data, "fullname column",
-							   CONFIG_FULLNAME_DEFAULT),
-			 config_value_read(data, "home dir column",
-							   CONFIG_HOME_DIR_DEFAULT),
-			 config_value_read(data, "dir drive column",
-							   CONFIG_DIR_DRIVE_DEFAULT),
-			 config_value_read(data, "logon script column",
-							   CONFIG_LOGON_SCRIPT_DEFAULT),
-			 config_value_read(data, "profile path column",
-							   CONFIG_PROFILE_PATH_DEFAULT),
-			 config_value_read(data, "acct desc column",
-							   CONFIG_ACCT_DESC_DEFAULT),
-			 config_value_read(data, "workstations column",
-							   CONFIG_WORKSTATIONS_DEFAULT),
-			 config_value_read(data, "unknown string column",
-							   CONFIG_UNKNOWN_STR_DEFAULT),
-			 config_value_read(data, "munged dial column",
-							   CONFIG_MUNGED_DIAL_DEFAULT),
-			 config_value_read(data, "user sid column",
-							   CONFIG_USER_SID_DEFAULT),
-			 config_value_read(data, "group sid column",
-							   CONFIG_GROUP_SID_DEFAULT),
-			 config_value_read(data, "lanman pass column",
-							   CONFIG_LM_PW_DEFAULT),
-			 config_value_read(data, "nt pass column",
-							   CONFIG_NT_PW_DEFAULT),
-			 config_value_read(data, "plain pass column",
-							   CONFIG_PLAIN_PW_DEFAULT),
-			 config_value_read(data, "acct ctrl column",
-							   CONFIG_ACCT_CTRL_DEFAULT),
-			 config_value_read(data, "unknown 3 column",
-							   CONFIG_UNKNOWN_3_DEFAULT),
-			 config_value_read(data, "logon divs column",
-							   CONFIG_LOGON_DIVS_DEFAULT),
-			 config_value_read(data, "hours len column",
-							   CONFIG_HOURS_LEN_DEFAULT),
-			 config_value_read(data, "bad password count column",
-							   CONFIG_BAD_PASSWORD_COUNT_DEFAULT),
-			 config_value_read(data, "logon count column",
-							   CONFIG_LOGON_COUNT_DEFAULT),
-			 config_value_read(data, "unknown 6 column",
-							   CONFIG_UNKNOWN_6_DEFAULT),
-			 config_value(data, "table", CONFIG_TABLE_DEFAULT)
-				 );
-	DEBUG(5, ("Executing query %s\n", query));
-	
+	query = sql_account_query_select(data->location, update, SQL_SEARCH_NONE, NULL);
+
 	ret = mysql_query(data->handle, query);
 	SAFE_FREE(query);
 
@@ -416,7 +200,7 @@ static NTSTATUS mysqlsam_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT *
 }
 
 static NTSTATUS mysqlsam_select_by_field(struct pdb_methods * methods, SAM_ACCOUNT * user,
-						 const char *field, const char *sname)
+						 enum sql_search_field field, const char *sname)
 {
 	char *esc_sname;
 	char *query;
@@ -433,10 +217,6 @@ static NTSTATUS mysqlsam_select_by_field(struct pdb_methods * methods, SAM_ACCOU
 		return NT_STATUS_NO_MEMORY; 
 	}
 
-	DEBUG(5,
-		  ("mysqlsam_select_by_field: getting data where %s = %s(nonescaped)\n",
-		   field, sname));
-
 	tmp_sname = smb_xstrdup(sname);
 	
 	/* Escape sname */
@@ -451,71 +231,8 @@ static NTSTATUS mysqlsam_select_by_field(struct pdb_methods * methods, SAM_ACCOU
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	asprintf(&query,
-			 "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s WHERE %s = '%s'",
-			 config_value_read(data, "logon time column",
-							   CONFIG_LOGON_TIME_DEFAULT),
-			 config_value_read(data, "logoff time column",
-							   CONFIG_LOGOFF_TIME_DEFAULT),
-			 config_value_read(data, "kickoff time column",
-							   CONFIG_KICKOFF_TIME_DEFAULT),
-			 config_value_read(data, "pass last set time column",
-							   CONFIG_PASS_LAST_SET_TIME_DEFAULT),
-			 config_value_read(data, "pass can change time column",
-							   CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT),
-			 config_value_read(data, "pass must change time column",
-							   CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT),
-			 config_value_read(data, "username column",
-							   CONFIG_USERNAME_DEFAULT),
-			 config_value_read(data, "domain column",
-							   CONFIG_DOMAIN_DEFAULT),
-			 config_value_read(data, "nt username column",
-							   CONFIG_NT_USERNAME_DEFAULT),
-			 config_value_read(data, "fullname column",
-							   CONFIG_FULLNAME_DEFAULT),
-			 config_value_read(data, "home dir column",
-							   CONFIG_HOME_DIR_DEFAULT),
-			 config_value_read(data, "dir drive column",
-							   CONFIG_DIR_DRIVE_DEFAULT),
-			 config_value_read(data, "logon script column",
-							   CONFIG_LOGON_SCRIPT_DEFAULT),
-			 config_value_read(data, "profile path column",
-							   CONFIG_PROFILE_PATH_DEFAULT),
-			 config_value_read(data, "acct desc column",
-							   CONFIG_ACCT_DESC_DEFAULT),
-			 config_value_read(data, "workstations column",
-							   CONFIG_WORKSTATIONS_DEFAULT),
-			 config_value_read(data, "unknown string column",
-							   CONFIG_UNKNOWN_STR_DEFAULT),
-			 config_value_read(data, "munged dial column",
-							   CONFIG_MUNGED_DIAL_DEFAULT),
-			 config_value_read(data, "user sid column",
-							   CONFIG_USER_SID_DEFAULT),
-			 config_value_read(data, "group sid column",
-							   CONFIG_GROUP_SID_DEFAULT),
-			 config_value_read(data, "lanman pass column",
-							   CONFIG_LM_PW_DEFAULT),
-			 config_value_read(data, "nt pass column",
-							   CONFIG_NT_PW_DEFAULT),
-			 config_value_read(data, "plain pass column",
-							   CONFIG_PLAIN_PW_DEFAULT),
-			 config_value_read(data, "acct ctrl column",
-							   CONFIG_ACCT_CTRL_DEFAULT),
-			 config_value_read(data, "unknown 3 column",
-							   CONFIG_UNKNOWN_3_DEFAULT),
-			 config_value_read(data, "logon divs column",
-							   CONFIG_LOGON_DIVS_DEFAULT),
-			 config_value_read(data, "hours len column",
-							   CONFIG_HOURS_LEN_DEFAULT),
-			 config_value_read(data, "bad password count column",
-							   CONFIG_BAD_PASSWORD_COUNT_DEFAULT),
-			 config_value_read(data, "logon count column",
-							   CONFIG_LOGON_COUNT_DEFAULT),
-			 config_value_read(data, "unknown 6 column",
-							   CONFIG_UNKNOWN_6_DEFAULT),
-			 config_value(data, "table", CONFIG_TABLE_DEFAULT), field,
-			 esc_sname);
-	
+	query = sql_account_query_select(data->location, True, field, esc_sname);
+
 	SAFE_FREE(esc_sname);
 
 	DEBUG(5, ("Executing query %s\n", query));
@@ -561,8 +278,7 @@ static NTSTATUS mysqlsam_getsampwnam(struct pdb_methods *methods, SAM_ACCOUNT *
 	}
 
 	return mysqlsam_select_by_field(methods, user,
-			config_value_read(data, "username column",
-				CONFIG_USERNAME_DEFAULT), sname);
+			SQL_SEARCH_USER_NAME, sname);
 }
 
 
@@ -580,9 +296,7 @@ static NTSTATUS mysqlsam_getsampwsid(struct pdb_methods *methods, SAM_ACCOUNT *
 
 	sid_to_string(sid_str, sid);
 
-	return mysqlsam_select_by_field(methods, user,
-			config_value_read(data, "user sid column",
-				CONFIG_USER_SID_DEFAULT), sid_str);
+	return mysqlsam_select_by_field(methods, user, SQL_SEARCH_USER_SID, sid_str);
 }
 
 /***************************************************************************
@@ -631,10 +345,7 @@ static NTSTATUS mysqlsam_delete_sam_account(struct pdb_methods *methods,
 
 	SAFE_FREE(tmp_sname);
 
-	asprintf(&query, "DELETE FROM %s WHERE %s = '%s'",
-			 config_value(data, "table", CONFIG_TABLE_DEFAULT),
-			 config_value_read(data, "username column",
-							   CONFIG_USERNAME_DEFAULT), esc);
+	query = sql_account_query_delete(data->location, esc);
 
 	SAFE_FREE(esc);
 
@@ -656,11 +367,8 @@ static NTSTATUS mysqlsam_delete_sam_account(struct pdb_methods *methods,
 static NTSTATUS mysqlsam_replace_sam_account(struct pdb_methods *methods,
 							 const SAM_ACCOUNT * newpwd, char isupdate)
 {
-	pstring temp;
-	char *field;
 	struct pdb_mysql_data *data;
-	pdb_mysql_query query;
-	fstring sid_str;
+	char *query;
 
 	if (!methods) {
 		DEBUG(0, ("invalid methods!\n"));
@@ -673,200 +381,18 @@ static NTSTATUS mysqlsam_replace_sam_account(struct pdb_methods *methods,
 		DEBUG(0, ("invalid handle!\n"));
 		return NT_STATUS_INVALID_HANDLE;
 	}
-	query.update = isupdate;
-
-	/* I know this is somewhat overkill but only the talloc 
-	 * functions have asprint_append and the 'normal' asprintf 
-	 * is a GNU extension */
-	query.mem_ctx = talloc_init("mysqlsam_replace_sam_account");
-	query.part2 = talloc_asprintf(query.mem_ctx, "%s", "");
-	if (query.update) {
-		query.part1 =
-			talloc_asprintf(query.mem_ctx, "UPDATE %s SET ",
-							config_value(data, "table",
-										 CONFIG_TABLE_DEFAULT));
-	} else {
-		query.part1 =
-			talloc_asprintf(query.mem_ctx, "INSERT INTO %s (",
-							config_value(data, "table",
-										 CONFIG_TABLE_DEFAULT));
-	}
-
-	pdb_mysql_int_field(methods, &query,
-						config_value_write(data, "acct ctrl column",
-										   CONFIG_ACCT_CTRL_DEFAULT),
-						pdb_get_acct_ctrl(newpwd));
-
-	if (pdb_get_init_flags(newpwd, PDB_LOGONTIME) != PDB_DEFAULT) {
-		pdb_mysql_int_field(methods, &query,
-							config_value_write(data,
-											   "logon time column",
-											   CONFIG_LOGON_TIME_DEFAULT),
-							pdb_get_logon_time(newpwd));
-	}
-
-	if (pdb_get_init_flags(newpwd, PDB_LOGOFFTIME) != PDB_DEFAULT) {
-		pdb_mysql_int_field(methods, &query,
-							config_value_write(data,
-											   "logoff time column",
-											   CONFIG_LOGOFF_TIME_DEFAULT),
-							pdb_get_logoff_time(newpwd));
-	}
 
-	if (pdb_get_init_flags(newpwd, PDB_KICKOFFTIME) != PDB_DEFAULT) {
-		pdb_mysql_int_field(methods, &query,
-							config_value_write(data,
-											   "kickoff time column",
-											   CONFIG_KICKOFF_TIME_DEFAULT),
-							pdb_get_kickoff_time(newpwd));
-	}
-
-	if (pdb_get_init_flags(newpwd, PDB_CANCHANGETIME) != PDB_DEFAULT) {
-		pdb_mysql_int_field(methods, &query,
-							config_value_write(data,
-											   "pass can change time column",
-											   CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT),
-							pdb_get_pass_can_change_time(newpwd));
-	}
-
-	if (pdb_get_init_flags(newpwd, PDB_MUSTCHANGETIME) != PDB_DEFAULT) {
-		pdb_mysql_int_field(methods, &query,
-							config_value_write(data,
-											   "pass must change time column",
-											   CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT),
-							pdb_get_pass_must_change_time(newpwd));
-	}
-
-	if (pdb_get_pass_last_set_time(newpwd)) {
-		pdb_mysql_int_field(methods, &query,
-							config_value_write(data,
-											   "pass last set time column",
-											   CONFIG_PASS_LAST_SET_TIME_DEFAULT),
-							pdb_get_pass_last_set_time(newpwd));
-	}
-
-	if (pdb_get_hours_len(newpwd)) {
-		pdb_mysql_int_field(methods, &query,
-							config_value_write(data,
-											   "hours len column",
-											   CONFIG_HOURS_LEN_DEFAULT),
-							pdb_get_hours_len(newpwd));
-	}
-
-	if (pdb_get_logon_divs(newpwd)) {
-		pdb_mysql_int_field(methods, &query,
-							config_value_write(data,
-											   "logon divs column",
-											   CONFIG_LOGON_DIVS_DEFAULT),
-							pdb_get_logon_divs(newpwd));
-	}
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data, "user sid column",
-											  CONFIG_USER_SID_DEFAULT),
-						   sid_to_string(sid_str, 
-										 pdb_get_user_sid(newpwd)));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data, "group sid column",
-											  CONFIG_GROUP_SID_DEFAULT),
-						   sid_to_string(sid_str,
-										 pdb_get_group_sid(newpwd)));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data, "username column",
-											  CONFIG_USERNAME_DEFAULT),
-						   pdb_get_username(newpwd));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data, "domain column",
-											  CONFIG_DOMAIN_DEFAULT),
-						   pdb_get_domain(newpwd));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data,
-											  "nt username column",
-											  CONFIG_NT_USERNAME_DEFAULT),
-						   pdb_get_nt_username(newpwd));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data, "fullname column",
-											  CONFIG_FULLNAME_DEFAULT),
-						   pdb_get_fullname(newpwd));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data,
-											  "logon script column",
-											  CONFIG_LOGON_SCRIPT_DEFAULT),
-						   pdb_get_logon_script(newpwd));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data,
-											  "profile path column",
-											  CONFIG_PROFILE_PATH_DEFAULT),
-						   pdb_get_profile_path(newpwd));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data, "dir drive column",
-											  CONFIG_DIR_DRIVE_DEFAULT),
-						   pdb_get_dir_drive(newpwd));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data, "home dir column",
-											  CONFIG_HOME_DIR_DEFAULT),
-						   pdb_get_homedir(newpwd));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data,
-											  "workstations column",
-											  CONFIG_WORKSTATIONS_DEFAULT),
-						   pdb_get_workstations(newpwd));
-
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data,
-											  "unknown string column",
-											  CONFIG_UNKNOWN_STR_DEFAULT),
-						   pdb_get_workstations(newpwd));
-
-	pdb_sethexpwd(temp, pdb_get_lanman_passwd(newpwd),
-				  pdb_get_acct_ctrl(newpwd));
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data,
-											  "lanman pass column",
-											  CONFIG_LM_PW_DEFAULT), temp);
-
-	pdb_sethexpwd(temp, pdb_get_nt_passwd(newpwd),
-				  pdb_get_acct_ctrl(newpwd));
-	pdb_mysql_string_field(methods, &query,
-						   config_value_write(data, "nt pass column",
-											  CONFIG_NT_PW_DEFAULT), temp);
-
-	if (query.update) {
-		query.part1[strlen(query.part1) - 1] = '\0';
-		query.part1 =
-			talloc_asprintf_append(query.mem_ctx, query.part1,
-								   " WHERE %s = '%s'",
-								   config_value_read(data,
-													 "user sid column",
-													 CONFIG_USER_SID_DEFAULT),
-								   sid_to_string(sid_str, pdb_get_user_sid (newpwd)));
-	} else {
-		query.part2[strlen(query.part2) - 1] = ')';
-		query.part1[strlen(query.part1) - 1] = ')';
-		query.part1 =
-			talloc_asprintf_append(query.mem_ctx, query.part1,
-								   " VALUES (%s", query.part2);
-	}
-
-	DEBUG(0, ("%s\n", query.part1));
+	query = sql_account_query_update(data->location, newpwd, isupdate);
+	
 	/* Execute the query */
-	if (mysql_query(data->handle, query.part1)) {
+	if (mysql_query(data->handle, query)) {
 		DEBUG(0,
-			  ("Error executing %s, %s\n", query.part1,
+			  ("Error executing %s, %s\n", query,
 			   mysql_error(data->handle)));
 		return NT_STATUS_INVALID_PARAMETER;
 	}
-	talloc_destroy(query.mem_ctx);
+	SAFE_FREE(query);
+
 	return NT_STATUS_OK;
 }
 
@@ -886,7 +412,6 @@ static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_metho
 {
 	NTSTATUS nt_status;
 	struct pdb_mysql_data *data;
-	const char *sid_column, *username_column;
 
 	mysqlsam_debug_level = debug_add_class("mysqlsam");
 	if (mysqlsam_debug_level == -1) {
@@ -944,11 +469,8 @@ static NTSTATUS mysqlsam_init(struct pdb_context * pdb_context, struct pdb_metho
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
-	sid_column = config_value_read(data, "user sid column", CONFIG_USER_SID_DEFAULT);
-	username_column = config_value_read(data, "username column", CONFIG_USERNAME_DEFAULT);
-	if(!strcmp(sid_column,"NULL") || !strcmp(username_column, "NULL")) {
-		DEBUG(0,("Please specify both a valid 'user sid column' and a valid 'username column' in smb.conf\n"));
-		return NT_STATUS_UNSUCCESSFUL;
+	if(!sql_account_config_valid(data->location)) {
+		return NT_STATUS_INVALID_PARAMETER;
 	}
 	
 	/* Process correct entry in $HOME/.my.conf */
diff --git a/source3/passdb/pdb_pgsql.c b/source3/passdb/pdb_pgsql.c
new file mode 100644
index 0000000000..61c620e092
--- /dev/null
+++ b/source3/passdb/pdb_pgsql.c
@@ -0,0 +1,489 @@
+/*
+ * PostgresSQL password backend for samba
+ * Copyright (C) Hamish Friedlander 2003
+ * Copyright (C) Jelmer Vernooij 2004
+ * 
+ * This program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ * 
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ * 
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 675
+ * Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include "includes.h"
+#include <libpq-fe.h>
+
+#define CONFIG_HOST_DEFAULT				"localhost"
+#define CONFIG_USER_DEFAULT				"samba"
+#define CONFIG_PASS_DEFAULT				""
+#define CONFIG_PORT_DEFAULT				"5432"
+#define CONFIG_DB_DEFAULT				"samba"
+
+/* handles for doing db transactions */
+typedef struct pdb_pgsql_data {
+  PGconn     *handle ;
+  PGresult   *pwent  ;
+  long        currow ;
+  
+  const char *location ;
+} pdb_pgsql_data ;
+
+#define SET_DATA(data,methods) { \
+	if(!methods){ \
+		DEBUG(0, ("invalid methods!\n")); \
+			return NT_STATUS_INVALID_PARAMETER; \
+	} \
+	data = (struct pdb_pgsql_data *)methods->private_data; \
+		if(!data || !(data->handle)){ \
+			DEBUG(0, ("invalid handle!\n")); \
+				return NT_STATUS_INVALID_HANDLE; \
+		} \
+}
+
+#define SET_DATA_QUIET(data,methods) { \
+	if(!methods){ \
+		DEBUG(0, ("invalid methods!\n")); \
+			return ; \
+	} \
+	data = (struct pdb_pgsql_data *)methods->private_data; \
+		if(!data || !(data->handle)){ \
+			DEBUG(0, ("invalid handle!\n")); \
+				return ; \
+		} \
+}
+
+
+#define config_value( data, name, default_value ) \
+  lp_parm_const_string( GLOBAL_SECTION_SNUM, (data)->location, name, default_value )
+
+static long PQgetlong( PGresult *r, long row, long col )
+{
+  if ( PQgetisnull( r, row, col ) ) return 0 ;
+  
+  return atol( PQgetvalue( r, row,  col ) ) ;
+}
+
+static NTSTATUS row_to_sam_account ( PGresult *r, long row, SAM_ACCOUNT *u )
+{
+  pstring temp ;
+  DOM_SID sid ;
+  
+  if ( row >= PQntuples( r ) ) return NT_STATUS_INVALID_PARAMETER ;
+
+  pdb_set_logon_time           ( u, PQgetlong ( r, row,  0 ), PDB_SET ) ;
+  pdb_set_logoff_time          ( u, PQgetlong ( r, row,  1 ), PDB_SET ) ;
+  pdb_set_kickoff_time         ( u, PQgetlong ( r, row,  2 ), PDB_SET ) ;
+  pdb_set_pass_last_set_time   ( u, PQgetlong ( r, row,  3 ), PDB_SET ) ;
+  pdb_set_pass_can_change_time ( u, PQgetlong ( r, row,  4 ), PDB_SET ) ;
+  pdb_set_pass_must_change_time( u, PQgetlong ( r, row,  5 ), PDB_SET ) ;
+  pdb_set_username             ( u, PQgetvalue( r, row,  6 ), PDB_SET ) ;
+  pdb_set_domain               ( u, PQgetvalue( r, row,  7 ), PDB_SET ) ;
+  pdb_set_nt_username          ( u, PQgetvalue( r, row,  8 ), PDB_SET ) ;
+  pdb_set_fullname             ( u, PQgetvalue( r, row,  9 ), PDB_SET ) ;
+  pdb_set_homedir              ( u, PQgetvalue( r, row, 10 ), PDB_SET ) ;
+  pdb_set_dir_drive            ( u, PQgetvalue( r, row, 11 ), PDB_SET ) ;
+  pdb_set_logon_script         ( u, PQgetvalue( r, row, 12 ), PDB_SET ) ;
+  pdb_set_profile_path         ( u, PQgetvalue( r, row, 13 ), PDB_SET ) ;
+  pdb_set_acct_desc            ( u, PQgetvalue( r, row, 14 ), PDB_SET ) ;
+  pdb_set_workstations         ( u, PQgetvalue( r, row, 15 ), PDB_SET ) ;
+  pdb_set_unknown_str          ( u, PQgetvalue( r, row, 16 ), PDB_SET ) ;
+  pdb_set_munged_dial          ( u, PQgetvalue( r, row, 17 ), PDB_SET ) ;
+  
+  pdb_set_acct_ctrl            ( u, PQgetlong ( r, row, 23 ), PDB_SET ) ;
+  pdb_set_unknown_3            ( u, PQgetlong ( r, row, 24 ), PDB_SET ) ;
+  pdb_set_logon_divs           ( u, PQgetlong ( r, row, 25 ), PDB_SET ) ;
+  pdb_set_hours_len            ( u, PQgetlong ( r, row, 26 ), PDB_SET ) ;
+  pdb_set_logon_count            ( u, PQgetlong ( r, row, 27 ), PDB_SET ) ;
+  pdb_set_unknown_6            ( u, PQgetlong ( r, row, 28 ), PDB_SET ) ;
+  
+  if ( !PQgetisnull( r, row, 18 ) ) string_to_sid( &sid, PQgetvalue( r, row, 18 ) ) ;
+  pdb_set_user_sid ( u, &sid, PDB_SET ) ;
+  if ( !PQgetisnull( r, row, 19 ) ) string_to_sid( &sid, PQgetvalue( r, row, 19 ) ) ;
+  pdb_set_group_sid( u, &sid, PDB_SET ) ;
+  
+  if ( pdb_gethexpwd( PQgetvalue( r, row, 20 ), temp ), PDB_SET ) pdb_set_lanman_passwd( u, temp, PDB_SET ) ;
+  if ( pdb_gethexpwd( PQgetvalue( r, row, 21 ), temp ), PDB_SET ) pdb_set_nt_passwd    ( u, temp, PDB_SET ) ;
+  
+  /* Only use plaintext password storage when lanman and nt are NOT used */
+  if ( PQgetisnull( r, row, 20 ) || PQgetisnull( r, row, 21 ) ) pdb_set_plaintext_passwd( u, PQgetvalue( r, row, 22 ) ) ;
+  
+  return NT_STATUS_OK ;
+}
+
+static NTSTATUS pgsqlsam_setsampwent(struct pdb_methods *methods, BOOL update)
+{
+  struct pdb_pgsql_data *data ;
+  char *query ;
+  NTSTATUS retval ;
+  
+  SET_DATA( data, methods ) ;
+  
+  query = sql_account_query_select(data->location, update, SQL_SEARCH_NONE, NULL);
+  
+  /* Do it */
+  DEBUG( 5, ("Executing query %s\n", query) ) ;
+  data->pwent  = PQexec( data->handle, query ) ;
+  data->currow = 0 ;
+  
+  /* Result? */
+  if ( data->pwent == NULL )
+  {
+    DEBUG( 0, ("Error executing %s, %s\n", query, PQerrorMessage( data->handle ) ) ) ;
+    retval = NT_STATUS_UNSUCCESSFUL ;
+  }
+  else if ( PQresultStatus( data->pwent ) != PGRES_TUPLES_OK )
+  {
+    DEBUG( 0, ("Error executing %s, %s\n", query, PQresultErrorMessage( data->pwent ) ) ) ;
+    retval = NT_STATUS_UNSUCCESSFUL ;
+  }
+  else
+  {
+    DEBUG( 5, ("pgsqlsam_setsampwent succeeded(%llu results)!\n", PQntuples(data->pwent)) ) ;
+    retval = NT_STATUS_OK ;
+  }
+  
+  SAFE_FREE(query);
+  return retval ;
+}
+
+/***************************************************************
+  End enumeration of the passwd list.
+ ****************************************************************/
+
+static void pgsqlsam_endsampwent(struct pdb_methods *methods)
+{
+  struct pdb_pgsql_data *data ; 
+    
+  SET_DATA_QUIET( data, methods ) ;
+  
+  if (data->pwent != NULL)
+  {
+    PQclear( data->pwent ) ;
+  }
+  
+  data->pwent  = NULL ;
+  data->currow = 0 ;
+  
+  DEBUG( 5, ("pgsql_endsampwent called\n") ) ;
+}
+
+/*****************************************************************
+  Get one SAM_ACCOUNT from the list (next in line)
+ *****************************************************************/
+
+static NTSTATUS pgsqlsam_getsampwent( struct pdb_methods *methods, SAM_ACCOUNT *user )
+{
+  struct pdb_pgsql_data *data;
+  NTSTATUS retval ;
+  
+  SET_DATA( data, methods ) ;
+  
+  if ( data->pwent == NULL )
+  {
+    DEBUG( 0, ("invalid pwent\n") ) ;
+    return NT_STATUS_INVALID_PARAMETER ;
+  }
+  
+  retval = row_to_sam_account( data->pwent, data->currow, user ) ;
+  data->currow++ ;
+  
+  return retval ;
+}
+
+static NTSTATUS pgsqlsam_select_by_field ( struct pdb_methods *methods, SAM_ACCOUNT *user, enum sql_search_field field, const char *sname )
+{
+  struct pdb_pgsql_data *data ;
+  
+  char *esc ;
+  char *query ;
+  
+  PGresult *result ;
+  NTSTATUS retval ;
+
+  SET_DATA(data, methods);
+
+  if ( user == NULL )
+  {
+    DEBUG( 0, ("pdb_getsampwnam: SAM_ACCOUNT is NULL.\n") ) ;
+    return NT_STATUS_INVALID_PARAMETER;
+  }
+  
+  DEBUG( 5, ("pgsqlsam_select_by_field: getting data where %d = %s(nonescaped)\n", field, sname) ) ;
+  
+  /* Escape sname */
+  esc = malloc(strlen(sname) * 2 + 1);
+  if ( !esc )
+  {
+    DEBUG(0, ("Can't allocate memory to store escaped name\n"));
+    return NT_STATUS_NO_MEMORY; 
+  }
+  
+  //tmp_sname = smb_xstrdup(sname);
+  PQescapeString( esc, sname, strlen(sname) ) ;
+  
+  query = sql_account_query_select(data->location, True, field, esc);
+  
+  /* Do it */
+  DEBUG( 5, ("Executing query %s\n", query) ) ;
+  result = PQexec( data->handle, query ) ;
+  
+  /* Result? */
+  if ( result == NULL )
+  {
+    DEBUG( 0, ("Error executing %s, %s\n", query, PQerrorMessage( data->handle ) ) ) ;
+    retval = NT_STATUS_UNSUCCESSFUL ;
+  }
+  else if ( PQresultStatus( result ) != PGRES_TUPLES_OK )
+  {
+    DEBUG( 0, ("Error executing %s, %s\n", query, PQresultErrorMessage( result ) ) ) ;
+    retval = NT_STATUS_UNSUCCESSFUL ;
+  }
+  else
+  {
+    retval = row_to_sam_account( result, 0, user ) ;
+  }
+  
+  SAFE_FREE( esc   ) ;
+  SAFE_FREE( query ) ;
+  
+  PQclear( result ) ;
+  
+  return retval ;
+}
+
+/******************************************************************
+  Lookup a name in the SAM database
+ ******************************************************************/
+
+static NTSTATUS pgsqlsam_getsampwnam ( struct pdb_methods *methods, SAM_ACCOUNT *user, const char *sname )
+{
+  struct pdb_pgsql_data *data;
+  
+  SET_DATA(data, methods);
+  
+  if ( !sname )
+  {
+    DEBUG( 0, ("invalid name specified") ) ;
+    return NT_STATUS_INVALID_PARAMETER;
+  }
+  
+  return pgsqlsam_select_by_field( methods, user, SQL_SEARCH_USER_NAME, sname ) ;
+}
+
+
+/***************************************************************************
+  Search by sid
+ **************************************************************************/
+
+static NTSTATUS pgsqlsam_getsampwsid ( struct pdb_methods *methods, SAM_ACCOUNT *user, const DOM_SID *sid )
+{
+  struct pdb_pgsql_data *data;
+  fstring sid_str;
+  
+  SET_DATA( data, methods ) ;
+  
+  sid_to_string( sid_str, sid ) ;
+  
+  return pgsqlsam_select_by_field( methods, user, SQL_SEARCH_USER_SID, sid_str ) ;
+}
+
+/***************************************************************************
+  Delete a SAM_ACCOUNT
+ ****************************************************************************/
+
+static NTSTATUS pgsqlsam_delete_sam_account( struct pdb_methods *methods, SAM_ACCOUNT *sam_pass )
+{
+  struct pdb_pgsql_data *data ;
+  
+  const char *sname = pdb_get_username( sam_pass ) ;
+  char *esc ;
+  char *query ;
+  
+  PGresult *result ;
+  NTSTATUS retval ;
+  
+  SET_DATA(data, methods);
+  
+  if ( !sname )
+  {
+    DEBUG( 0, ("invalid name specified\n") ) ;
+    return NT_STATUS_INVALID_PARAMETER ;
+  }
+  
+  /* Escape sname */
+  esc = malloc(strlen(sname) * 2 + 1);
+  if ( !esc )
+  {
+    DEBUG(0, ("Can't allocate memory to store escaped name\n"));
+    return NT_STATUS_NO_MEMORY;
+  }
+  
+  PQescapeString( esc, sname, strlen(sname) ) ;
+  
+  query = sql_account_query_delete(data->location, esc);
+  
+  /* Do it */
+  result = PQexec( data->handle, query ) ;
+  
+  if ( result == NULL )
+  {
+    DEBUG( 0, ("Error executing %s, %s\n", query, PQerrorMessage( data->handle ) ) ) ;
+    retval = NT_STATUS_UNSUCCESSFUL ;
+  }
+  else if ( PQresultStatus( result ) != PGRES_COMMAND_OK )
+  {
+    DEBUG( 0, ("Error executing %s, %s\n", query, PQresultErrorMessage( result ) ) ) ;
+    retval = NT_STATUS_UNSUCCESSFUL ;
+  }
+  else
+  {
+    DEBUG( 5, ("User '%s' deleted\n", sname) ) ;
+    retval = NT_STATUS_OK ;
+  }
+  
+  SAFE_FREE( esc ) ;
+  SAFE_FREE( query ) ;
+  
+  return retval ;
+}
+
+static NTSTATUS pgsqlsam_replace_sam_account( struct pdb_methods *methods, const SAM_ACCOUNT *newpwd, char isupdate )
+{
+  struct pdb_pgsql_data *data ;
+  char *query;
+  PGresult *result ;
+  
+  if ( !methods )
+  {
+    DEBUG( 0, ("invalid methods!\n") ) ;
+    return NT_STATUS_INVALID_PARAMETER ;
+  }
+  
+  data = (struct pdb_pgsql_data *) methods->private_data ;
+  
+  if ( data == NULL || data->handle == NULL )
+  {
+    DEBUG( 0, ("invalid handle!\n") ) ;
+    return NT_STATUS_INVALID_HANDLE ;
+  }
+
+  query = sql_account_query_update(data->location, newpwd, isupdate);
+
+  result = PQexec( data->handle, query ) ;
+
+  
+  /* Execute the query */
+  if ( result == NULL )
+  {
+    DEBUG( 0, ("Error executing %s, %s\n", query, PQerrorMessage( data->handle ) ) ) ;
+    return NT_STATUS_INVALID_PARAMETER;
+  }
+  else if ( PQresultStatus( result ) != PGRES_COMMAND_OK )
+  {
+    DEBUG( 0, ("Error executing %s, %s\n", query, PQresultErrorMessage( result ) ) ) ;
+    return NT_STATUS_INVALID_PARAMETER;
+  }
+  SAFE_FREE(query);
+  
+  return NT_STATUS_OK;
+}
+
+static NTSTATUS pgsqlsam_add_sam_account ( struct pdb_methods *methods, SAM_ACCOUNT *newpwd )
+{
+  return pgsqlsam_replace_sam_account( methods, newpwd, 0 ) ;
+}
+
+static NTSTATUS pgsqlsam_update_sam_account ( struct pdb_methods *methods, SAM_ACCOUNT *newpwd )
+{
+  return pgsqlsam_replace_sam_account( methods, newpwd, 1 ) ;
+}
+
+static NTSTATUS pgsqlsam_init ( struct pdb_context *pdb_context, struct pdb_methods **pdb_method, const char *location )
+{
+  NTSTATUS nt_status ;
+  struct pdb_pgsql_data *data ;
+  
+  if ( !pdb_context )
+  {
+    DEBUG( 0, ("invalid pdb_methods specified\n") ) ;
+    return NT_STATUS_UNSUCCESSFUL;
+  }
+  
+  if (!NT_STATUS_IS_OK
+    (nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
+    return nt_status;
+  }
+  
+  (*pdb_method)->name               = "pgsqlsam" ;
+  
+  (*pdb_method)->setsampwent        = pgsqlsam_setsampwent ;
+  (*pdb_method)->endsampwent        = pgsqlsam_endsampwent ;
+  (*pdb_method)->getsampwent        = pgsqlsam_getsampwent ;
+  (*pdb_method)->getsampwnam        = pgsqlsam_getsampwnam ;
+  (*pdb_method)->getsampwsid        = pgsqlsam_getsampwsid ;
+  (*pdb_method)->add_sam_account    = pgsqlsam_add_sam_account ;
+  (*pdb_method)->update_sam_account = pgsqlsam_update_sam_account ;
+  (*pdb_method)->delete_sam_account = pgsqlsam_delete_sam_account ;
+  
+  data = talloc( pdb_context->mem_ctx, sizeof( struct pdb_pgsql_data ) ) ;
+  (*pdb_method)->private_data = data ;
+  data->handle = NULL ;
+  data->pwent  = NULL ;
+
+  if ( !location )
+  {
+    DEBUG( 0, ("No identifier specified. Check the Samba HOWTO Collection for details\n") ) ;
+    return NT_STATUS_INVALID_PARAMETER;
+  }
+  
+  data->location = smb_xstrdup( location ) ;
+
+  if(!sql_account_config_valid(data->location)) {
+	  return NT_STATUS_INVALID_PARAMETER;
+  }
+  
+  DEBUG
+  (
+    1, 
+    (
+      "Connecting to database server, host: %s, user: %s, password: XXXXXX, database: %s, port: %s\n",
+      config_value( data, "pgsql host"    , CONFIG_HOST_DEFAULT ),
+      config_value( data, "pgsql user"    , CONFIG_USER_DEFAULT ),
+      config_value( data, "pgsql database", CONFIG_DB_DEFAULT   ),
+      config_value( data, "pgsql port"    , CONFIG_PORT_DEFAULT )
+    )
+  ) ;
+  
+  /* Do the pgsql initialization */
+  data->handle = PQsetdbLogin( 
+                                config_value( data, "pgsql host"    , CONFIG_HOST_DEFAULT ),
+                                config_value( data, "pgsql port"    , CONFIG_PORT_DEFAULT ),
+                                NULL,
+                                NULL,
+                                config_value( data, "pgsql database", CONFIG_DB_DEFAULT   ),
+                                config_value( data, "pgsql user"    , CONFIG_USER_DEFAULT ),
+                                config_value( data, "pgsql password", CONFIG_PASS_DEFAULT )
+                             ) ;
+  
+  if ( PQstatus( data->handle ) != CONNECTION_OK )
+  {
+    DEBUG( 0, ("Failed to connect to pgsql database: error: %s\n", PQerrorMessage( data->handle )) ) ;
+    return NT_STATUS_UNSUCCESSFUL;
+  }
+  
+  DEBUG( 5, ("Connected to pgsql database\n") ) ;
+  return NT_STATUS_OK;
+}
+
+NTSTATUS pdb_pgsql_init(void) 
+{
+  return smb_register_passdb( PASSDB_INTERFACE_VERSION, "pgsql", pgsqlsam_init ) ;
+}
diff --git a/source3/passdb/pdb_sql.c b/source3/passdb/pdb_sql.c
new file mode 100644
index 0000000000..b87004e019
--- /dev/null
+++ b/source3/passdb/pdb_sql.c
@@ -0,0 +1,496 @@
+/*
+ * Common PDB SQL backend functions
+ * Copyright (C) Jelmer Vernooij 2003-2004
+ * 
+ * This program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ * 
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ * 
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 675
+ * Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include "includes.h"
+
+#define CONFIG_TABLE_DEFAULT				"user"
+#define CONFIG_LOGON_TIME_DEFAULT			"logon_time"
+#define CONFIG_LOGOFF_TIME_DEFAULT			"logoff_time"
+#define CONFIG_KICKOFF_TIME_DEFAULT			"kickoff_time"
+#define CONFIG_PASS_LAST_SET_TIME_DEFAULT		"pass_last_set_time"
+#define CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT		"pass_can_change_time"
+#define CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT 		"pass_must_change_time"
+#define CONFIG_USERNAME_DEFAULT 			"username"
+#define CONFIG_DOMAIN_DEFAULT				"domain"
+#define CONFIG_NT_USERNAME_DEFAULT  			"nt_username"
+#define CONFIG_FULLNAME_DEFAULT				"nt_fullname"
+#define CONFIG_HOME_DIR_DEFAULT				"home_dir"
+#define CONFIG_DIR_DRIVE_DEFAULT			"dir_drive"
+#define CONFIG_LOGON_SCRIPT_DEFAULT			"logon_script"
+#define CONFIG_PROFILE_PATH_DEFAULT			"profile_path"
+#define CONFIG_ACCT_DESC_DEFAULT			"acct_desc"
+#define CONFIG_WORKSTATIONS_DEFAULT			"workstations"
+#define CONFIG_UNKNOWN_STR_DEFAULT			"unknown_str"
+#define CONFIG_MUNGED_DIAL_DEFAULT			"munged_dial"
+#define CONFIG_USER_SID_DEFAULT				"user_sid"
+#define CONFIG_GROUP_SID_DEFAULT			"group_sid"
+#define CONFIG_LM_PW_DEFAULT				"lm_pw"
+#define CONFIG_NT_PW_DEFAULT				"nt_pw"
+#define CONFIG_PLAIN_PW_DEFAULT				"NULL"
+#define CONFIG_ACCT_CTRL_DEFAULT			"acct_ctrl"
+#define CONFIG_UNKNOWN_3_DEFAULT			"unknown_3"
+#define CONFIG_LOGON_DIVS_DEFAULT			"logon_divs"
+#define CONFIG_HOURS_LEN_DEFAULT			"hours_len"
+#define CONFIG_BAD_PASSWORD_COUNT_DEFAULT		"bad_password_count"
+#define CONFIG_LOGON_COUNT_DEFAULT			"logon_count"
+#define CONFIG_UNKNOWN_6_DEFAULT			"unknown_6"
+
+/* Used to construct insert and update queries */
+
+typedef struct pdb_sql_query {
+	char update;
+	TALLOC_CTX *mem_ctx;
+	char *part1;
+	char *part2;
+} pdb_sql_query;
+
+static void pdb_sql_int_field(struct pdb_sql_query *q, const char *name, int value)
+{
+	if (!name || strchr(name, '\''))
+		return;                 /* This field shouldn't be set by us */
+
+	if (q->update) {
+		q->part1 =
+			talloc_asprintf_append(q->mem_ctx, q->part1,
+								   "%s = %d,", name, value);
+	} else {
+		q->part1 =
+			talloc_asprintf_append(q->mem_ctx, q->part1, "%s,", name);
+		q->part2 =
+			talloc_asprintf_append(q->mem_ctx, q->part2, "%d,", value);
+	}
+}
+
+char *sql_escape_string(const char *unesc)
+{
+	char *esc = malloc(strlen(unesc) * 2 + 3);
+	size_t pos_unesc = 0, pos_esc = 0;
+
+	for(pos_unesc = 0; unesc[pos_unesc]; pos_unesc++) {
+		switch(unesc[pos_unesc]) {
+		case '\\':
+		case '\'':
+		case '"':
+			esc[pos_esc] = '\\'; pos_esc++;
+		default:
+			esc[pos_esc] = unesc[pos_unesc]; pos_esc++;
+			break;
+		}
+	}
+
+	esc[pos_esc] = '\0';
+	
+	return esc;
+}
+
+static NTSTATUS pdb_sql_string_field(struct pdb_sql_query *q,
+					   const char *name, const char *value)
+{
+	char *esc_value;
+
+	if (!name || !value || !strcmp(value, "") || strchr(name, '\''))
+		return NT_STATUS_INVALID_PARAMETER;   /* This field shouldn't be set by module */
+
+	esc_value = sql_escape_string(value);
+
+	if (q->update) {
+		q->part1 =
+			talloc_asprintf_append(q->mem_ctx, q->part1,
+								   "%s = '%s',", name, esc_value);
+	} else {
+		q->part1 =
+			talloc_asprintf_append(q->mem_ctx, q->part1, "%s,", name);
+		q->part2 =
+			talloc_asprintf_append(q->mem_ctx, q->part2, "'%s',",
+								   esc_value);
+	}
+
+	SAFE_FREE(esc_value);
+
+	return NT_STATUS_OK;
+}
+
+#define config_value(data,name,default_value) \
+	lp_parm_const_string(GLOBAL_SECTION_SNUM, data, name, default_value)
+
+static const char * config_value_write(const char *location, const char *name, const char *default_value) 
+{
+	char const *v = NULL;
+	char const *swrite = NULL;
+
+	v = lp_parm_const_string(GLOBAL_SECTION_SNUM, location, name, default_value);
+
+	if (!v)
+		return NULL;
+
+	swrite = strrchr(v, ':');
+
+	/* Default to the same field as read field */
+	if (!swrite)
+		return v;
+
+	swrite++;
+
+	/* If the field is 0 chars long, we shouldn't write to it */
+	if (!strlen(swrite) || !strcmp(swrite, "NULL"))
+		return NULL;
+
+	/* Otherwise, use the additionally specified */
+	return swrite;
+}
+
+static const char * config_value_read(const char *location, const char *name, const char *default_value)
+{
+	char *v = NULL;
+	char *swrite;
+
+	v = lp_parm_talloc_string(GLOBAL_SECTION_SNUM, location, name, default_value);
+
+	if (!v)
+		return "NULL";
+
+	swrite = strrchr(v, ':');
+
+	/* If no write is specified, there are no problems */
+	if (!swrite) {
+		if (strlen(v) == 0)
+			return "NULL";
+		return (const char *)v;
+	}
+
+	/* Otherwise, we have to cut the ':write_part' */
+	*swrite = '\0';
+	if (strlen(v) == 0)
+		return "NULL";
+
+	return (const char *)v;
+}
+
+char *sql_account_query_select(const char *data, BOOL update, enum sql_search_field field, const char *value)
+{
+	const char *field_string;
+	char *query;
+
+	switch(field) {
+	case SQL_SEARCH_NONE: 
+		field_string = "'1'"; 
+		value = "1"; 
+		break;
+		
+	case SQL_SEARCH_USER_SID: 
+		field_string = config_value_read(data, "user sid column", 
+										 CONFIG_USER_SID_DEFAULT); 
+		break;
+		
+	case SQL_SEARCH_USER_NAME: 
+		field_string = config_value_read(data, "username column", 
+										 CONFIG_USERNAME_DEFAULT);
+		break;
+	}
+
+	asprintf(&query,
+			 "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s WHERE %s = '%s'",
+			 config_value_read(data, "logon time column",
+							   CONFIG_LOGON_TIME_DEFAULT),
+			 config_value_read(data, "logoff time column",
+							   CONFIG_LOGOFF_TIME_DEFAULT),
+			 config_value_read(data, "kickoff time column",
+							   CONFIG_KICKOFF_TIME_DEFAULT),
+			 config_value_read(data, "pass last set time column",
+							   CONFIG_PASS_LAST_SET_TIME_DEFAULT),
+			 config_value_read(data, "pass can change time column",
+							   CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT),
+			 config_value_read(data, "pass must change time column",
+							   CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT),
+			 config_value_read(data, "username column",
+							   CONFIG_USERNAME_DEFAULT),
+			 config_value_read(data, "domain column",
+							   CONFIG_DOMAIN_DEFAULT),
+			 config_value_read(data, "nt username column",
+							   CONFIG_NT_USERNAME_DEFAULT),
+			 config_value_read(data, "fullname column",
+							   CONFIG_FULLNAME_DEFAULT),
+			 config_value_read(data, "home dir column",
+							   CONFIG_HOME_DIR_DEFAULT),
+			 config_value_read(data, "dir drive column",
+							   CONFIG_DIR_DRIVE_DEFAULT),
+			 config_value_read(data, "logon script column",
+							   CONFIG_LOGON_SCRIPT_DEFAULT),
+			 config_value_read(data, "profile path column",
+							   CONFIG_PROFILE_PATH_DEFAULT),
+			 config_value_read(data, "acct desc column",
+							   CONFIG_ACCT_DESC_DEFAULT),
+			 config_value_read(data, "workstations column",
+							   CONFIG_WORKSTATIONS_DEFAULT),
+			 config_value_read(data, "unknown string column",
+							   CONFIG_UNKNOWN_STR_DEFAULT),
+			 config_value_read(data, "munged dial column",
+							   CONFIG_MUNGED_DIAL_DEFAULT),
+			 config_value_read(data, "user sid column",
+							   CONFIG_USER_SID_DEFAULT),
+			 config_value_read(data, "group sid column",
+							   CONFIG_GROUP_SID_DEFAULT),
+			 config_value_read(data, "lanman pass column",
+							   CONFIG_LM_PW_DEFAULT),
+			 config_value_read(data, "nt pass column",
+							   CONFIG_NT_PW_DEFAULT),
+			 config_value_read(data, "plain pass column",
+							   CONFIG_PLAIN_PW_DEFAULT),
+			 config_value_read(data, "acct ctrl column",
+							   CONFIG_ACCT_CTRL_DEFAULT),
+			 config_value_read(data, "unknown 3 column",
+							   CONFIG_UNKNOWN_3_DEFAULT),
+			 config_value_read(data, "logon divs column",
+							   CONFIG_LOGON_DIVS_DEFAULT),
+			 config_value_read(data, "hours len column",
+							   CONFIG_HOURS_LEN_DEFAULT),
+			 config_value_read(data, "bad password count column",
+							   CONFIG_BAD_PASSWORD_COUNT_DEFAULT),
+			 config_value_read(data, "logon count column",
+							   CONFIG_LOGON_COUNT_DEFAULT),
+			 config_value_read(data, "unknown 6 column",
+							   CONFIG_UNKNOWN_6_DEFAULT),
+			 config_value(data, "table", CONFIG_TABLE_DEFAULT), 
+			 field_string, value
+				 );
+	 return query;
+}
+
+char *sql_account_query_delete(const char *data, const char *esc) 
+{
+	char *query;
+	
+	asprintf(&query, "DELETE FROM %s WHERE %s = '%s'",
+			 config_value(data, "table", CONFIG_TABLE_DEFAULT),
+			 config_value_read(data, "username column",
+							   CONFIG_USERNAME_DEFAULT), esc);
+	return query;
+}
+
+char *sql_account_query_update(const char *location, const SAM_ACCOUNT *newpwd, char isupdate)
+{
+	char *ret;
+	pstring temp;
+	pdb_sql_query query;
+	fstring sid_str;
+
+	query.update = isupdate;
+
+	/* I know this is somewhat overkill but only the talloc 
+	 * functions have asprint_append and the 'normal' asprintf 
+	 * is a GNU extension */
+	query.mem_ctx = talloc_init("sql_query_update");
+	query.part2 = talloc_asprintf(query.mem_ctx, "%s", "");
+	if (query.update) {
+		query.part1 =
+			talloc_asprintf(query.mem_ctx, "UPDATE %s SET ",
+							config_value(location, "table",
+										 CONFIG_TABLE_DEFAULT));
+	} else {
+		query.part1 =
+			talloc_asprintf(query.mem_ctx, "INSERT INTO %s (",
+							config_value(location, "table",
+										 CONFIG_TABLE_DEFAULT));
+	}
+
+	pdb_sql_int_field(&query,
+						config_value_write(location, "acct ctrl column",
+										   CONFIG_ACCT_CTRL_DEFAULT),
+						pdb_get_acct_ctrl(newpwd));
+
+	if (pdb_get_init_flags(newpwd, PDB_LOGONTIME) != PDB_DEFAULT) {
+		pdb_sql_int_field(&query,
+							config_value_write(location,
+											   "logon time column",
+											   CONFIG_LOGON_TIME_DEFAULT),
+							pdb_get_logon_time(newpwd));
+	}
+
+	if (pdb_get_init_flags(newpwd, PDB_LOGOFFTIME) != PDB_DEFAULT) {
+		pdb_sql_int_field(&query,
+							config_value_write(location,
+											   "logoff time column",
+											   CONFIG_LOGOFF_TIME_DEFAULT),
+							pdb_get_logoff_time(newpwd));
+	}
+
+	if (pdb_get_init_flags(newpwd, PDB_KICKOFFTIME) != PDB_DEFAULT) {
+		pdb_sql_int_field(&query,
+							config_value_write(location,
+											   "kickoff time column",
+											   CONFIG_KICKOFF_TIME_DEFAULT),
+							pdb_get_kickoff_time(newpwd));
+	}
+
+	if (pdb_get_init_flags(newpwd, PDB_CANCHANGETIME) != PDB_DEFAULT) {
+		pdb_sql_int_field(&query,
+							config_value_write(location,
+											   "pass can change time column",
+											   CONFIG_PASS_CAN_CHANGE_TIME_DEFAULT),
+							pdb_get_pass_can_change_time(newpwd));
+	}
+
+	if (pdb_get_init_flags(newpwd, PDB_MUSTCHANGETIME) != PDB_DEFAULT) {
+		pdb_sql_int_field(&query,
+							config_value_write(location,
+											   "pass must change time column",
+											   CONFIG_PASS_MUST_CHANGE_TIME_DEFAULT),
+							pdb_get_pass_must_change_time(newpwd));
+	}
+
+	if (pdb_get_pass_last_set_time(newpwd)) {
+		pdb_sql_int_field(&query,
+							config_value_write(location,
+											   "pass last set time column",
+											   CONFIG_PASS_LAST_SET_TIME_DEFAULT),
+							pdb_get_pass_last_set_time(newpwd));
+	}
+
+	if (pdb_get_hours_len(newpwd)) {
+		pdb_sql_int_field(&query,
+							config_value_write(location,
+											   "hours len column",
+											   CONFIG_HOURS_LEN_DEFAULT),
+							pdb_get_hours_len(newpwd));
+	}
+
+	if (pdb_get_logon_divs(newpwd)) {
+		pdb_sql_int_field(&query,
+							config_value_write(location,
+											   "logon divs column",
+											   CONFIG_LOGON_DIVS_DEFAULT),
+							pdb_get_logon_divs(newpwd));
+	}
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location, "user sid column",
+											  CONFIG_USER_SID_DEFAULT),
+						   sid_to_string(sid_str, 
+										 pdb_get_user_sid(newpwd)));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location, "group sid column",
+											  CONFIG_GROUP_SID_DEFAULT),
+						   sid_to_string(sid_str,
+										 pdb_get_group_sid(newpwd)));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location, "username column",
+											  CONFIG_USERNAME_DEFAULT),
+						   pdb_get_username(newpwd));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location, "domain column",
+											  CONFIG_DOMAIN_DEFAULT),
+						   pdb_get_domain(newpwd));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location,
+											  "nt username column",
+											  CONFIG_NT_USERNAME_DEFAULT),
+						   pdb_get_nt_username(newpwd));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location, "fullname column",
+											  CONFIG_FULLNAME_DEFAULT),
+						   pdb_get_fullname(newpwd));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location,
+											  "logon script column",
+											  CONFIG_LOGON_SCRIPT_DEFAULT),
+						   pdb_get_logon_script(newpwd));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location,
+											  "profile path column",
+											  CONFIG_PROFILE_PATH_DEFAULT),
+						   pdb_get_profile_path(newpwd));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location, "dir drive column",
+											  CONFIG_DIR_DRIVE_DEFAULT),
+						   pdb_get_dir_drive(newpwd));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location, "home dir column",
+											  CONFIG_HOME_DIR_DEFAULT),
+						   pdb_get_homedir(newpwd));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location,
+											  "workstations column",
+											  CONFIG_WORKSTATIONS_DEFAULT),
+						   pdb_get_workstations(newpwd));
+
+	pdb_sql_string_field(&query,
+						   config_value_write(location,
+											  "unknown string column",
+											  CONFIG_UNKNOWN_STR_DEFAULT),
+						   pdb_get_workstations(newpwd));
+
+	pdb_sethexpwd(temp, pdb_get_lanman_passwd(newpwd),
+				  pdb_get_acct_ctrl(newpwd));
+	pdb_sql_string_field(&query,
+						   config_value_write(location,
+											  "lanman pass column",
+											  CONFIG_LM_PW_DEFAULT), temp);
+
+	pdb_sethexpwd(temp, pdb_get_nt_passwd(newpwd),
+				  pdb_get_acct_ctrl(newpwd));
+	pdb_sql_string_field(&query,
+						   config_value_write(location, "nt pass column",
+											  CONFIG_NT_PW_DEFAULT), temp);
+
+	if (query.update) {
+		query.part1[strlen(query.part1) - 1] = '\0';
+		query.part1 =
+			talloc_asprintf_append(query.mem_ctx, query.part1,
+								   " WHERE %s = '%s'",
+								   config_value_read(location,
+													 "user sid column",
+													 CONFIG_USER_SID_DEFAULT),
+								   sid_to_string(sid_str, pdb_get_user_sid (newpwd)));
+	} else {
+		query.part2[strlen(query.part2) - 1] = ')';
+		query.part1[strlen(query.part1) - 1] = ')';
+		query.part1 =
+			talloc_asprintf_append(query.mem_ctx, query.part1,
+								   " VALUES (%s", query.part2);
+	}
+
+	ret = strdup(query.part1);
+	talloc_destroy(query.mem_ctx);
+	return ret;
+}
+
+BOOL sql_account_config_valid(const char *data)
+{
+	const char *sid_column, *username_column;
+	
+    sid_column = config_value_read(data, "user sid column", CONFIG_USER_SID_DEFAULT);
+    username_column = config_value_read(data, "username column", CONFIG_USERNAME_DEFAULT);
+	
+    if(!strcmp(sid_column,"NULL") || !strcmp(username_column, "NULL")) {
+        DEBUG(0,("Please specify both a valid 'user sid column' and a valid 'username column' in smb.conf\n"));
+        return False;
+    }
+
+	return True;
+}