Web lists-archives.com

Re: [Samba] backup of tdb files




On Thu, 2018-10-25 at 09:16 +0200, Philipp Gesang wrote:
> Hi Andrew,
> 
> thank you for your reply.
> 
> I’m working on a patchset that allows extracting the machine
> account credentials so they can be stored outside Samba. That
> part is already working. 

Can you remind us of the current patch?

> The goal is now to always have up to
> date values stored away to minimize the possibility that a
> re-join is needed after replaying the creds from a backup. The
> join requires manual intervention and elevated privileges so it
> is quite undesirable to request it unless absolutely necessary
> (e. g. password changed since last backup).
> 
> There is of course always the option of monitoring secrets.tdb
> with inotify and acting on change events. It would be more
> convenient though if I could just throw a script at Samba and
> have it executed at the right moment.

Perhaps set:
 machine password timeout = 0
in the smb.conf

and then run 
 wbinfo --change-secret

and then do the backup?

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba