| blob | 19fe6813db33010aac69ce9fa2ae6a0a8a969f10 |
1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE chapter PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
3 <chapter id="tdb">
5 <chapterinfo>
6 &author.jht;
8 <pubdate>May 28, 2008</pubdate>
9 </chapterinfo>
11 <title>Managing TDB Files</title>
13 <sect1>
14 <title>Features and Benefits</title>
16 <para>
17 <indexterm><primary>tdb</primary></indexterm>
18 <indexterm><primary>Trivial Database</primary></indexterm>
19 Samba uses a lightweight database called Trivial Database (tdb) in which it stores persistent and transient data.
20 Some tdb files can be disposed of before restarting Samba, but others are used to store information that is vital
21 to Samba configuration and behavior. The following information is provided to help administrators who are seeking
22 to better manage their Samba installations.
23 </para>
25 <para>
26 <indexterm><primary>tdb</primary></indexterm>
27 <indexterm><primary>corrupted</primary></indexterm>
28 <indexterm><primary>backup</primary></indexterm>
29 <indexterm><primary>restore</primary></indexterm>
30 Those who package Samba for commercial distribution with operating systems and appliances would do well to take
31 note that tdb files can get corrupted, and for this reason ought to be backed up regularly. An appropriate time
32 is at system shutdown (backup) and startup (restore from backup).
33 </para>
35 <para>
36 <indexterm><primary>NTDB</primary></indexterm>
37 </para>
38 As of Samba 4.1, the NTDB format can be used if 'use ntdb' is set. In this case, tdb files are automatically converted to ntdb files (with the .ntdb extension). The old .tdb file is turned into a dangling symlink to 'This is now in an NTDB' to prevent it being accidentally used). The table indicates what databases are currently available as NTDB files.
40 <table frame="all" id="TOSH-TDB">
41 <title>Samba's Trivial Database Files</title>
42 <tgroup align="center" cols="2">
43 <thead>
44 <row><entry>File name</entry><entry>Preserve</entry><entry>NTDB</entry><entry>Description</entry></row>
45 </thead>
47 <tbody>
48 <row><entry>account_policy.tdb</entry><entry>Y</entry><entry>N</entry>
49 <entry><para>NT account policy settings such as pw expiration, etc...</para></entry></row>
50 <row><entry>brlock.tdb</entry><entry>N</entry><entry>N</entry>
51 <entry><para>Byte range locks.</para></entry></row>
52 <row><entry>browse.dat</entry><entry>N</entry><entry>N</entry>
53 <entry><para>Browse lists - gets rebuilt automatically.</para></entry></row>
54 <row><entry>connections.tdb</entry><entry>N</entry><entry>N</entry>
55 <entry><para>Share connections. Used to enforce max connections, etc.</para></entry></row>
56 <row><entry>gencache.tdb</entry><entry>N</entry><entry>N</entry>
57 <entry><para>Generic caching database.</para></entry></row>
58 <row><entry>group_mapping.tdb</entry><entry>Y</entry><entry>N</entry>
59 <entry><para>Stores group mapping information. Not used when using LDAP backend.</para></entry></row>
60 <row><entry> lang_en.tdb</entry><entry>Y</entry><entry>N</entry>
61 <entry><para>Stores language encoding information.</para></entry></row>
62 <row><entry>locking.tdb</entry><entry>N</entry><entry>N</entry>
63 <entry><para>Stores share mode and oplock information.</para></entry></row>
64 <row><entry>login_cache.tdb</entry><entry>N</entry><entry>N</entry>
65 <entry><para>Keeps a log of bad pw attempts.</para></entry></row>
66 <row><entry>messages.tdb</entry><entry>N</entry><entry>N</entry>
67 <entry><para>Used to keep track of Samba internal messaging.</para></entry></row>
68 <row><entry>netsamlogon_cache.tdb</entry><entry>Y</entry><entry>N</entry>
69 <entry><para>
70 Cache of user net_info_3 struct from <emphasis>net_samlogon()</emphasis>
71 requests from domain member machines.
72 </para></entry></row>
73 <row><entry>ntdrivers.tdb</entry><entry>Y</entry><entry>N</entry>
74 <entry><para>Stores installed printer driver information.</para></entry></row>
75 <row><entry>ntforms.tdb</entry><entry>Y</entry><entry>N</entry>
76 <entry><para>Stores installed printer forms information.</para></entry></row>
77 <row><entry>ntprinters.tdb</entry><entry>Y</entry><entry>N</entry>
78 <entry><para>Stores installed printers information.</para></entry></row>
79 <row><entry>printing directory</entry><entry>Y</entry><entry>N</entry>
80 <entry><para>Directory containing tdb per print queue of cached lpq output.</para></entry></row>
81 <row><entry>registry.tdb</entry><entry>Y</entry><entry>N</entry>
82 <entry><para>Windows registry skeleton (connect via regedit.exe).</para></entry></row>
83 <row><entry>sessionid.tdb</entry><entry>N</entry><entry>N</entry>
84 <entry><para>Session information to support <literal>utmp = yes</literal> capabilities.</para></entry></row>
85 <row><entry>share_info.tdb</entry><entry>Y</entry><entry>N</entry>
86 <entry><para>Stores share-level ACL configuration settings.
87 Default ACL is <emphasis>Everyone - Full Control</emphasis>.
88 </para></entry></row>
89 <row><entry>unexpected.tdb</entry><entry>N</entry><entry>N</entry>
90 <entry><para>
91 Unexpected packet queue needed to support windows clients that respond on a
92 different port that the originating reques.
93 </para></entry></row>
94 <row><entry>winbindd_cache.tdb</entry><entry>N</entry><entry>N</entry>
95 <entry><para>Winbind's cache of user lists.</para></entry></row>
96 <row><entry>winbindd_idmap.tdb</entry><entry>Y</entry><entry>N</entry>
97 <entry><para>Winbind's local IDMAP database.</para></entry></row>
98 <row><entry>wins.dat</entry><entry>N</entry><entry>N</entry>
99 <entry><para>
100 WINS database iused only when <parameter>wins support = yes</parameter>
101 has been set. This gets rebuilt or updated at every restart.
102 </para></entry></row>
103 <row><entry>wins.tdb</entry><entry>Y</entry><entry>N</entry>
104 <entry><para>
105 The working permanent storage for all WINS data. This database is used only
106 when <parameter>wins support = yes</parameter> has been set in the &smb.conf; file.
107 Note: This retains all manually configured WINS entries. Manual setting can be done use the net utility.
108 </para></entry></row>
109 <row><entry>secrets.tdb</entry><entry>Y</entry><entry>Y</entry>
110 <entry><para>
111 This tdb file stores internal settings such as the machine and the domain SID, secret passwords
112 that are used with LDAP, the machine secret token, etc. This is an essential file that is stored
113 in a secure area. Vendors locate this in various folders. Check <command>smbd -b</command> to
114 find its location on your system.
115 </para></entry></row>
116 <row><entry>schannel_store.tdb</entry><entry>Y</entry><entry>Y</entry>
117 <entry><para>
118 This stores secure channel access token information used with SMB signing.
119 </para></entry></row>
120 <row><entry>passdb.tdb</entry><entry>Y</entry><entry>N</entry>
121 <entry><para>
122 This stores the Samba SAM account information when using a tdbsam password backend.
123 </para></entry></row>
124 </tbody>
125 </tgroup>
126 </table>
128 </sect1>
130 <sect1>
131 <title>Managing TDB Files</title>
133 <para>
134 The <command>tdbbackup</command> utility is a tool that may be used to backup samba tdb files.
135 This tool may also be used to verify the integrity of the tdb files prior to Samba startup or
136 during normal operation. If it finds file damage it will search for a prior backup the backup
137 file from which the damaged tdb file will be restored. The <command>tdbbackup</command>
138 utility can safely be run at any time. It was designed so that it can be used at any time to
139 validate the integrity of tdb files, even during Samba operation.
140 </para>
142 <para>
143 It is recommended to backup all tdb files as part of the Samba start-up scripts on a Samba
144 server. The following command syntax can be used:
145 </para>
146 <screen>
147 myserver# > cd /var/lib/samba
148 myserver@ > tdbbackup *.tdb
149 </screen>
150 <para>
151 The default extension is <filename>.bak</filename>. Any alternate extension can be specified
152 by executing <literal>tdbbackup -s 'new_extension' *.tdb</literal> as part of your startup script.
153 </para>
155 </sect1>
157 </chapter>