Table of Contents
Samba uses a lightweight database called Trivial Database (tdb) in which it stores persistent and transient data. Some tdb files can be disposed of before restarting Samba, but others are used to store information that is vital to Samba configuration and behavior. The following information is provided to help administrators who are seeking to better manage their Samba installations.
Those who package Samba for commercial distribution with operating systems and appliances would do well to take note that tdb files can get corrupted, and for this reason ought to be backed up regularly. An appropriate time is at system shutdown (backup) and startup (restore from backup).
Table 41.1. Samba's Trivial Database Files
| File name | Preserve | Description |
|---|---|---|
| account_policy.tdb | Y | NT account policy settings such as pw expiration, etc... |
| brlock.tdb | N | Byte range locks. |
| browse.dat | N | Browse lists - gets rebuilt automatically. |
| connections.tdb | N | Share connections. Used to enforce max connections, etc. |
| gencache.tdb | N | Generic caching database. |
| group_mapping.tdb | Y | Stores group mapping information. Not used when using LDAP backend. |
| lang_en.tdb | Y | Stores language encoding information. |
| locking.tdb | N | Stores share mode and oplock information. |
| login_cache.tdb | N | Keeps a log of bad pw attempts. |
| messages.tdb | N | Used to keep track of Samba internal messaging. |
| netsamlogon_cache.tdb | Y | Cache of user net_info_3 struct from net_samlogon() requests from domain member machines. |
| ntdrivers.tdb | Y | Stores installed printer driver information. |
| ntforms.tdb | Y | Stores installed printer forms information. |
| ntprinters.tdb | Y | Stores installed printers information. |
| printing directory | Y | Directory containing tdb per print queue of cached lpq output. |
| registry.tdb | Y | Windows registry skeleton (connect via regedit.exe). |
| sessionid.tdb | N | Session information to support |
| share_info.tdb | Y | Stores share-level ACL configuration settings. Default ACL is Everyone - Full Control. |
| unexpected.tdb | N | Unexpected packet queue needed to support windows clients that respond on a different port that the originating reques. |
| winbindd_cache.tdb | N | Winbind's cache of user lists. |
| winbindd_idmap.tdb | Y | Winbind's local IDMAP database. |
| wins.dat | N |
WINS database iused only when |
| wins.tdb | Y |
The working permanent storage for all WINS data. This database is used only
when |
| secrets.tdb | Y |
This tdb file stores internal settings such as the machine and the domain SID, secret passwords
that are used with LDAP, the machine secret token, etc. This is an essential file that is stored
in a secure area. Vendors locate this in various folders. Check |
| schannel_store.tdb | Y | This stores secure channel access token information used with SMB signing. |
| passdb.tdb | Y | This stores the Samba SAM account information when using a tdbsam password backend. |
The tdbbackup utility is a tool that may be used to backup samba tdb files.
This tool may also be used to verify the integrity of the tdb files prior to Samba startup or
during normal operation. If it finds file damage it will search for a prior backup the backup
file from which the damaged tdb file will be restored. The tdbbackup
utility can safely be run at any time. It was designed so that it can be used at any time to
validate the integrity of tdb files, even during Samba operation.
It is recommended to backup all tdb files as part of the Samba start-up scripts on a Samba server. The following command syntax can be used:
myserver# > cd /var/lib/samba myserver@ > tdbbackup *.tdb
The default extension is .bak. Any alternate extension can be specified
by executing tdbbackup -s 'new_extension' *.tdb as part of your startup script.