PDB MySQL plugin for samba v1.1
--

Building
=========
Before you can build the plugin, set the variable SAMBA_SRC in Makefile to the
path containing the samba sources. This is usually the 'source' directory in 
the samba tarball or CVS. 

Next, type 'make', and then copy pdb_mysql.so to any location you want. I 
strongly recommend installing it in $PREFIX/lib or /usr/lib/samba/.

Configuring
============
This plugin lacks some good documentation, but here is some short info:

Add the following to the 'passdb backend' variable in your smb.conf:

passdb backend = [other-plugins] plugin:/location/to/pdb_mysql.so:identifier [other-plugins]

The identifier can be any string you like, as long as it doesn't collide with 
the identifiers of other plugins or other instances of pdb_mysql. If you 
specify multiple pdb_mysql.so entries in 'passdb backend', you also need to 
use different identifiers!

Additional options can be given through the smb.conf file in the [global] section.

identifier:mysql host                     - host name, defaults to 'localhost'
identifier:mysql password
identifier:mysql user                     - defaults to 'samba'
identifier:mysql database                 - defaults to 'samba'
identifier:mysql port                     - defaults to 3306
identifier:table                          - Name of the table containing users

Names of the columns in this table (the type each column should have is
listed first):
identifier:logon time column             - int(9)
identifier:logoff time column            - int(9)
identifier:kickoff time column           - int(9)
identifier:pass last set time column     - int(9)
identifier:pass can change time column   - int(9)
identifier:pass must change time column  - int(9)
identifier:username column               - varchar(255) - unix username
identifier:domain column                 - varchar(255) - NT domain user is part of
identifier:nt username column            - varchar(255) - NT username
identifier:fullname column               - varchar(255) - Full name of user
identifier:home dir column               - varchar(255) - Unix homedir path
identifier:dir drive column              - varchar(2) - Directory drive path (eg: 'H:')
identifier:logon script column           - varchar(255) - Batch file to run on client side when logging on
identifier:profile path column           - varchar(255) - Path of profile
identifier:acct desc column              - varchar(255) - Some ASCII NT user data
identifier:workstations column           - varchar(255) - Workstations user can logon to (or NULL for all)
identifier:unknown string column         - varchar(255) - unknown string
identifier:munged dial column            - varchar(255) - ?
identifier:uid column                    - int(9) - Unix user ID (uid)
identifier:gid column                    - int(9) - Unix user group (gid)
identifier:user sid column               - varchar(255) - NT user SID
identifier:group sid column              - varchar(255) - NT group ID
identifier:lanman pass column            - varchar(255) - encrypted lanman password
identifier:nt pass column                - varchar(255) - encrypted nt passwd
identifier:plaintext pass column         - varchar(255) - plaintext password
identifier:acct control column           - int(9) - nt user data
identifier:unknown 3 column              - int(9) - unknown
identifier:logon divs column             - int(9) - ?
identifier:hours len column              - int(9) - ?
identifier:unknown 5 column              - int(9) - unknown
identifier:unknown 6 column              - int(9) - unknown

Optionally, you can put a colon (:) after the name of each column, followed 
by the name of the column to update when updating the table. You can also
specify nothing after the colon - then the data from the field will not be 
updated. 

Using plaintext passwords or encrypted passwords
================================================
I strongly discourage the use of plaintext passwords, however, you can use them:

If you would like to use plaintext passwords, set 'identifier:lanman pass column' and 'identifier:nt pass column' to 'NULL' (without the quotes) and 'identifier:plaintext pass column' to the name of the column containing the plaintext passwords. 

If you use encrypted passwords, set the 'identifier:plaintext pass column' to 'NULL' (without the quotes). This is the default.
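
The following check is an added example, not part of the plugin or of Samba: it reads an smb.conf and reports pdb_mysql entries that reuse an identifier, that enable the plaintext password column, or that enable it without setting the lanman and nt columns to NULL as described above. The sample configuration, its identifiers ('staff', 'lab'), paths and column names are constructed for illustration.

```python
import configparser

# Constructed sample smb.conf; identifiers, paths and column names are made up.
SAMPLE_SMB_CONF = """
[global]
passdb backend = plugin:/usr/lib/samba/pdb_mysql.so:staff plugin:/usr/lib/samba/pdb_mysql.so:lab plugin:/usr/lib/samba/pdb_mysql.so:lab
staff:mysql host = localhost
staff:table = users
lab:table = lab_users
lab:plaintext pass column = clear_pw
lab:nt pass column = nt_hash
"""

def audit(conf_text):
    """Return a list of findings for pdb_mysql entries in smb.conf text."""
    # Option names contain ':' so only '=' may act as the key/value delimiter.
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None, strict=False)
    cp.read_string(conf_text)
    glob = cp["global"] if cp.has_section("global") else {}
    # The identifier is the last ':'-separated field of each pdb_mysql.so entry.
    idents = [e.rsplit(":", 1)[1] for e in glob.get("passdb backend", "").split()
              if e.startswith("plugin:") and "pdb_mysql.so:" in e]
    findings = []
    for ident in sorted(set(idents)):
        if idents.count(ident) > 1:
            findings.append(f"{ident}: identifier used by more than one pdb_mysql entry")
        # The plaintext column defaults to NULL, meaning encrypted passwords.
        plain = glob.get(f"{ident}:plaintext pass column", "NULL")
        if plain != "NULL":
            findings.append(f"{ident}: plaintext passwords read from column '{plain}'")
            for opt in ("lanman pass column", "nt pass column"):
                if glob.get(f"{ident}:{opt}") != "NULL":
                    findings.append(f"{ident}: '{opt}' must be NULL in plaintext mode")
    return findings

if __name__ == "__main__":
    for line in audit(SAMPLE_SMB_CONF):
        print(line)
```
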

Getting non-column data from the table
======================================
It is possible to keep only part of the data in the database and make the rest 'constant'.

For example, you can set 'identifier:fullname column' to:
    CONCAT(First_name,' ',Sur_name)

Or, set 'identifier:workstations column' to:
    NULL

See the MySQL documentation for more language constructs.