Web lists-archives.com

Re: [Samba] backup of tdb files




-<| Quoting Andrew Bartlett <abartlet@xxxxxxxxx>, on Thursday, 2018-10-25 08:36:02 PM |>-
> On Thu, 2018-10-25 at 09:16 +0200, Philipp Gesang wrote:
> > Hi Andrew,
> > 
> > thank you for your reply.
> > 
> > I’m working on a patchset that allows extracting the machine
> > account credentials so they can be stored outside Samba. That
> > part is already working. 
> 
> Can you remind us of the current patch?

I’ll post it as soon as I get the tests right.

> > The goal is now to always have up to
> > date values stored away to minimize the possibility that a
> > re-join is needed after replaying the creds from a backup. The
> > join requires manual intervention and elevated privileges so it
> > is quite undesirable to request it unless absolutely necessary
> > (e. g. password changed since last backup).
> > 
> > There is of course always the option of monitoring secrets.tdb
> > with inotify and acting on change events. It would be more
> > convenient though if I could just throw a script at Samba and
> > have it executed at the right moment.
> 
> Perhaps set:
>  machine password timeout = 0
> in the smb.conf
> 
> and then run 
>  wbinfo --change-secret
> 
> and then do the backup?

Perfect! Thanks a lot.

Philipp

Attachment: signature.asc
Description: PGP signature

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba