|
Bugzilla – Full Text Bug Listing |
| Summary: | YaST2 Samba module with LDAP adds deprecated dual passdb backend | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE 10.3 | Reporter: | Don Vosburg <donald.vosburg> |
| Component: | YaST2 | Assignee: | Lukas Ocilka <locilka> |
| Status: | RESOLVED FIXED | QA Contact: | Jiri Srain <jsrain> |
| Severity: | Normal | ||
| Priority: | P5 - None | CC: | joe, kukuk, locilka, samba-maintainers |
| Version: | Alpha 0plus | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | |||
| Found By: | Other | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Don Vosburg
2007-02-13 20:49:56 UTC
What about this format? passdb backend = ldapsam:ldap://10.233.2.1, smbpasswd http://us4.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html Allows: passdb backend = tdbsam, smbpasswd No - Please reference this link: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/ChangeNotes.html#id314632 Passdb Changes The passdb backend parameter no long accepts multiple passdb backends in a chained configuration. Also be aware that the SQL and XML based passdb modules have been removed in the Samba-3.0.23 release. More information regarding external support for a SQL passdb module can be found on the pdbsql web site. Thanks for that link, Donald. Thorsten, Joe: It seems that there is some change in samba that is not backward compatible (SLE10 -> SLE10 SP1).
--- cut ---
The passdb backend parameter no long accepts multiple passdb backends in a chained configuration. Also be aware that the SQL and XML based passdb modules have been removed in the Samba-3.0.23 release.
--- cut ---
We use that for LDAP/smbpasswd.
>> passdb backend = ldapsam:ldap://10.233.2.1 smbpasswd <<
Configurations written by YaST in SLES10 no longer work in SLES10 SP1 because of this change. Should I fix that by writing just the fist "passdb backend"? But what about upgrade/update? This might escalate in critical issue if not correctly covered by the package-upgrade process. What about release notes, at least?
*** Bug 246689 has been marked as a duplicate of this bug. *** Then we have to go back to the 3.0.22 release. The single passdb change was introduced with 3.0.23 and published Jul 10 2006. Going back to 3.0.22 is impossible for some huge customer sites. Therefore I suggest to parse the setting for any space and terminate the string at the first space. In addition we're able to inform the user with a debug 0 statement. We made the same for changed idmap backend names where we had to strip of a leading part IIRC. We have to be very careful as even a valid LDAP URL can include a space to separate two LDAP servers. Just wanted to check - this isn't related to Aquila is it? Luke: As long as Aquila doesn't use more than one passdb backend this isn't related to Aquila. http://build.samba.org/?function=diff;tree=samba_3_0;revision=21506 is the fix. This change set is included to the Novell Samba package subversion. Please ensure to use at least builds with the subversion revision 1202. Package sources provided for CODE 10 SP 1. Regarding Aquila see comment #12. This Samba change will break an products using more than one passdb backend. IIRC this is the case for OES 1. Lars, passdb is not used at all by Aquila. As Lukes comment #14, this bug does not belong to Domain Services for Windows. I'm reassigning the bug to Lars. Anything is done on the Samba side. I'm not sure regarding the state of YaST samba-server. YaST Samba Server for SLES10 / SLES10 SP1 will stay the very same as it is now. SLES10 (and more) is only fixed by corrected parsing of the configuration file. That's why I'm changing the $product to openSUSE 10.3 and adjusting severity. Changed "only one passdb backend" behavior will appear in next openSUSE and SLES11. - Changing SambaServer functions to use only one "passdb backend" for the configuration (#245167). Fixed in yast2-samba-server-2.15.5 |