This option allows the administrator to chose which backends
to retrieve and store passwords with. This allows (for example) both
smbpasswd and tdbsam to be used without a recompile. Multiple
backends can be specified, separated by spaces. The backends will be
searched in the order they are specified. New users are always added
to the first backend specified.
This parameter is in two parts, the backend's name, and a 'location'
string that has meaning only to that particular backed. These are separated
by a : character.
Available backends can include:
smbpasswd - The default smbpasswd
backend. Takes a path to the smbpasswd file as an optional argument.
tdbsam - The TDB based password storage
backend. Takes a path to the TDB as an optional argument (defaults to passdb.tdb
in the directory.
ldapsam - The LDAP based passdb
backend. Takes an LDAP URL as an optional argument (defaults to
ldap://localhost)
LDAP connections should be secured where possible. This may be done using either
Start-TLS (see ) or by
specifying ldaps:// in
the URL argument.
Multiple servers may also be specified in double-quotes, if your
LDAP libraries supports the LDAP URL notation.
(OpenLDAP does).
nisplussam -
The NIS+ based passdb backend. Takes name NIS domain as
an optional argument. Only works with sun NIS+ servers.
mysql -
The MySQL based passdb backend. Takes an identifier as
argument. Read the Samba HOWTO Collection for configuration
details.
Examples of use are:
passdb backend = tdbsam:/etc/samba/private/passdb.tdb \
smbpasswd:/etc/samba/smbpasswd
or
passdb backend = ldapsam:ldaps://ldap.example.com
or
passdb backend = ldapsam:"ldap://ldap-1.example.com \
ldap://ldap-2.example.com"
or
passdb backend = mysql:my_plugin_args tdbsam
smbpasswd