Friday, August 17, 2007

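Samba stores important information in TDB database files

Samba uses many TDB files to store important system information and runtime information. These files are kept in two places, and the commands below show where each one is. The first holds Samba's confidential information: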

smbd -b |grep PRIVATE_DIR

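These TDB database files should be backed up regularly so that they can be restored if the system runs into errors. The Samba package provides a tool, tdbbackup, that helps back up these files. The Samba documentation calls these files persistent TDB files.

Samba's runtime information, in turn, is kept in: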

smbd -b|grep LOCKDIR

The Samba documentation calls these files temporary TDB files.

The names and functions of the persistent and temporary TDB files are listed below:
  • Persistent TDB files
    • account_policy: Samba/NT account policy settings, includes password expiration settings.
    • group_mapping: Mapping table from Windows groups/SID to UNIX groups.
    • ntdrivers: Stores per-printer installed driver information.
    • ntforms: Stores per-printer installed forms information.
    • ntprinters: Stores the per-printer devmode configuration settings.
    • passdb: Exists only when the tdbsam passwd backend is used. This file stores the SambaSAMAccount information. Note: This file requires that user POSIX account information is available from either the /etc/passwd file, or from an alternative system source.
    • registry: Read-only Samba database of a Windows registry skeleton that provides support for exporting various database tables via the winreg RPCs.
    • secrets: This file stores the Workgroup/Domain/Machine SID, the LDAP directory update password, and a further collection of critical environmental data that is necessary for Samba to operate correctly. This file contains very sensitive information that must be protected. It is stored in the PRIVATE_DIR directory.
    • share_info: Stores per-share ACL information
    • winbindd_idmap: Winbindd's local IDMAP database.
  • Temporary TDB files
    • brlock: Byte-range locking information. No backup needed.
    • connections: A temporary cache for current connection information used to enforce max connections. No backup needed.
    • eventlog/*tdb: Records of eventlog entries. In most circumstances this is just a cache of system logs. No backup needed.
    • gencache: Generic caching database for dead WINS servers and trusted domain data. No backup needed.
    • login_cache: A temporary cache for login information, in particular bad password attempts. No backup needed.
    • messages: Temporary storage of messages being processed by smbd. No backup needed.
    • netsamlogon_cache: Caches user net_info_3 structure data from net_samlogon requests (as a domain member). No backup needed.
    • perfmon/*.tdb: Performance counter information. No backup needed.
    • printing/*.tdb: Cached output from lpq command created on a per-print-service basis. No backup needed.
    • schannel_store: A confidential file, stored in the PRIVATE_DIR, containing cryptographic connection information so that clients that have temporarily disconnected can reconnect without needing to renegotiate the connection setup process. No backup needed.
    • sessionid: Temporary cache for miscellaneous session information and for utmp handling. No backup needed.
    • unexpected: Stores packets received for which no process is actively listening. No backup needed.
    • winbindd_cache: Cache of Identity information received from an NT4 domain or from ADS. Includes user lists, etc. Backup needed.
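
The procedure above as a script (an added example, not part of the original post): it reads PRIVATE_DIR and LOCKDIR from `smbd -b`, runs tdbbackup on the files the lists mark as needing backup, and warns when secrets.tdb is accessible to group or other. The `--run` switch, the function names, and the assumed `KEY: /path` line format of `smbd -b` output are this example's own assumptions.

```shell
#!/bin/sh
# Added example. Names from the page: the persistent files plus winbindd_cache.
BACKUP_NAMES="account_policy group_mapping ntdrivers ntforms ntprinters
passdb registry secrets share_info winbindd_idmap winbindd_cache"

# Print the value of build option $1 from `smbd -b` output on stdin.
# Assumption: option lines look like "   PRIVATE_DIR: /some/path".
tdb_dir() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" | head -n 1
}

# Succeed if the file $1 (for example /x/secrets.tdb) is on the backup list.
needs_backup() {
    base=$(basename "$1" .tdb)
    for n in $BACKUP_NAMES; do
        [ "$n" = "$base" ] && return 0
    done
    return 1
}

# Succeed if $1 exists and grants nothing to group or other.
is_private() {
    perms=$(ls -ld "$1" 2>/dev/null | cut -c5-10)
    [ "$perms" = "------" ]
}

# Run tdbbackup on every listed TDB file in the directories given.
backup_tdbs() {
    status=0
    for dir in "$@"; do
        for f in "$dir"/*.tdb; do
            [ -f "$f" ] || continue
            needs_backup "$f" || continue
            if tdbbackup "$f"; then echo "backed up: $f -> $f.bak"
            else echo "FAILED: $f" >&2; status=1; fi
        done
    done
    return $status
}

# Hypothetical switch: only touch the live system when called with --run.
if [ "${1:-}" = "--run" ]; then
    build=$(smbd -b)
    private_dir=$(printf '%s\n' "$build" | tdb_dir PRIVATE_DIR)
    lock_dir=$(printf '%s\n' "$build" | tdb_dir LOCKDIR)
    is_private "$private_dir/secrets.tdb" ||
        echo "WARNING: secrets.tdb missing or open to group/other" >&2
    backup_tdbs "$private_dir" "$lock_dir"
fi
```

The .bak copies are written next to the originals and hold the same data, so secrets.tdb.bak needs the same protection as secrets.tdb.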
