
[Samba] content of sam.ldb vs sam.ldb.d/DC=MYDOMAIN,DC=LAN


Denis Cardon

Feb 24, 2015, 9:10:03 AM
Hi everyone,

I am wondering what is the difference between the content in sam.ldb and
sam.ldb.d/DC=MYDOMAIN,DC=LAN.

In the two files I have my user entry:
# ldbsearch -H /usr/local/samba/private/sam.ldb.d/DC\=TRANQUILIT\,DC\=LOCAL.ldb | grep dn | grep CN=dcardon
dn: CN=dcardon,CN=Users,DC=tranquilit,DC=local

# ldbsearch -H /usr/local/samba/private/sam.ldb | grep dn | grep CN=dcardon
dn: CN=dcardon,CN=Users,DC=tranquilit,DC=local

Is it some kind of legacy? I thought that the entries should be in the
partition file in the sam.ldb.d directory, and sam.ldb just had
some kind of glue linking toward the partition file. If it is legacy, is
there any recommended way to clean it up?

Actually I was looking at it because I dug up an entry at a client that
was well beyond the garbage collecting deadline in the sam.ldb file,
and so started wondering about the content of the file.

Thanks for the input,

Denis

--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr


Andrew Bartlett

Feb 28, 2015, 8:50:02 PM
On Tue, 2015-02-24 at 15:06 +0100, Denis Cardon wrote:
> Hi everyone,
>
> I am wondering what is the difference between the content in sam.ldb and
> sam.ldb.d/DC=MYDOMAIN,DC=LAN.
>
> In the two files I have my user entry:
> # ldbsearch -H /usr/local/samba/private/sam.ldb.d/DC\=TRANQUILIT\,DC\=LOCAL.ldb | grep dn | grep CN=dcardon
> dn: CN=dcardon,CN=Users,DC=tranquilit,DC=local
>
> # ldbsearch -H /usr/local/samba/private/sam.ldb | grep dn | grep CN=dcardon
> dn: CN=dcardon,CN=Users,DC=tranquilit,DC=local
>
> Is it some kind of legacy? I thought that the entries should be in the
> partition file in the sam.ldb.d directory, and sam.ldb just had
> some kind of glue linking toward the partition file. If it is legacy, is
> there any recommended way to clean it up?
>
> Actually I was looking at it because I dug up an entry at a client that
> was well beyond the garbage collecting deadline in the sam.ldb file,
> and so started wondering about the content of the file.

If you run ldbdump on sam.ldb, you will see it is very, very small.
Indeed, essentially only one line in it matters:

dn: @MODULES
@LIST: samba_dsdb

This tells ldb to load the Samba modules, and from there the partitions
module knows to read the rest of the data from the sam.ldb.d/ files.

When you use sam.ldb, you see a virtual view of the objects as filtered,
munged and massaged by our ldb module stack - all the steps to turn LDAP
into AD-LDAP. When you look at sam.ldb.d, you see the raw backend
data.

I hope this clarifies things,

Andrew Bartlett

--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
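
An added example, not part of the thread and not Samba code: a small shell helper for comparing the raw partition dump with the view served through sam.ldb, listing DNs that exist in the backend file but are not returned by the view. It assumes both ldbsearch outputs were redirected to files; the function names and the sample entries are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Compares DN sets from two LDIF dumps,
# e.g. the two ldbsearch outputs from the thread redirected to files:
#   raw_only raw.ldif view.ldif

# ldif_dns: LDIF on stdin -> one lower-cased DN per line, sorted, unique.
# Unlike `grep dn`, it joins folded lines (continuations start with one
# space), decodes base64 DNs ("dn:: ..."), and ignores other attributes
# and comment lines that merely contain the string "dn".
ldif_dns() {
    awk '/^ / { buf = buf substr($0, 2); next }
         { if (buf != "") print buf; buf = $0 }
         END { if (buf != "") print buf }' |
    while IFS= read -r line; do
        case $line in
            "dn:: "*) printf '%s' "${line#dn:: }" | base64 -d; echo ;;
            "dn: "*)  printf '%s\n' "${line#dn: }" ;;
        esac
    done | tr 'A-Z' 'a-z' | LC_ALL=C sort -u
}

# raw_only RAW_LDIF VIEW_LDIF: DNs present in the raw partition dump that
# the view through sam.ldb does not return.
raw_only() {
    raw_tmp=$(mktemp); view_tmp=$(mktemp)
    ldif_dns < "$1" > "$raw_tmp"
    ldif_dns < "$2" > "$view_tmp"
    LC_ALL=C comm -23 "$raw_tmp" "$view_tmp"
    rm -f "$raw_tmp" "$view_tmp"
}

# Constructed sample dumps (hypothetical entries, not real DC data).
sample_raw() {
    printf 'dn: CN=dcardon,CN=Users,DC=tranquilit,DC=local\n'
    printf 'description: dn of interest\n\n'
    printf 'dn: CN=stale-entry,CN=Users,DC=tranq\n uilit,DC=local\n\n'
    printf 'dn:: %s\n' "$(printf 'CN=Encoded,DC=tranquilit,DC=local' | base64)"
}
sample_view() {
    printf 'dn: CN=dcardon,CN=Users,DC=TRANQUILIT,DC=LOCAL\n\n'
    printf 'dn: CN=Encoded,DC=tranquilit,DC=local\n'
}
```

On the constructed samples, `raw_only` reports only the stale entry: the case difference, the folded line and the base64 DN are all normalised before comparison.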