Steady as a rock

Q. How to make Samba use a centralized MySQL autentication database without using the built-in samba/mysql things?

A. Since the frontend to the db is a mod_perl app, Use Crypt::SmbPasswd to generate NTLM hashes when passwords are set/changed and patch smbpasswd (well, source/passdb/pdb_get_set.c) so it parses those hashes properly. Evil. EVIL. But hey, it works, and via cron it’s easy to create/delete accounts now

--- pdb_get_set.c.old   2007-02-04 19:59:21.000000000 +0100
+++ pdb_get_set.c       2007-03-29 22:38:07.000000000 +0200
@@ -975,6 +975,18 @@
        if (!plaintext)
                return False;

+    if(strchr(plaintext,':') && (strlen(plaintext) > 50)) {
+        if(!pdb_gethexpwd(plaintext,new_lanman_p16))
+            return False;
+        if(!pdb_gethexpwd(plaintext+33, new_nt_p16))
+            return False;
+        if (!pdb_set_nt_passwd (sampass, new_nt_p16, PDB_CHANGED))
+            return False;
+        if (!pdb_set_lanman_passwd (sampass, new_lanman_p16, PDB_CHANGED))
+            return False;
+    }
+    else {
+
        /* Calculate the MD4 hash (NT compatible) of the password */
        E_md4hash(plaintext, new_nt_p16);

@@ -996,6 +1008,7 @@

        if (!pdb_set_plaintext_pw_only (sampass, plaintext, PDB_CHANGED))
                return False;
+    } /* if (detect NTLM hash) */

        if (!pdb_set_pass_changed_now (sampass))
                return False;