IMHO: Winbind in Samba4 (Was: winbind in samba4?)
Gémes Géza
geza at kzsdabas.sulinet.hu
Fri Jan 7 10:43:16 GMT 2005
Simo Sorce írta:
>On Fri, 2005-01-07 at 00:37 +0100, Volker Lendecke wrote:
>
>
>>On Thu, Jan 06, 2005 at 05:36:31PM -0600, Gerald (Jerry) Carter wrote:
>>
>>
>>>My gut feeling is that this is a bad idea since people do
>>>run winbindd without smbd at all (e.g. linux desktop
>>>clients, squid servers, etc...) But since I'm not working
>>>on Samba 4, I could be off base.
>>>
>>>
>>Just say 'server service = winbind' only....
>>
>>
>
>Volker you can just refuse to make winbind work if not in single
>process.
>
>If you launch samba4 with the standard model then all you need is to
>launch another instance of smbd with 'server service = winbind' and
>single process model.
>
>Simo.
>
>
>
I think, that winbind in Samba4 is not as important, as it was in
Samba3, this are the points on which I base my opinion:
-Samba4 is/will be implementing the AD server code
-Samba4 will implement in the LDAP server also posix attributes
-Samba4 is/will be working together with the Heimdal Kerberos implemetation
-Posix users/application can authenticate, get account, and
authorization information from Heimdal+Samba4 LDAP Server
-Samba3 has an acceptable winbind solution for the short term
-Winbind would be needed just in case, when there are no Samba4 AD
servers at all.
So IMHO winbind is a nice thing, but not very urgent in the Samba4
development.
I think the most urgent things are:
-Samba4 LDAP Server
-DRSUAPI replication
-LDB rewriting (with the new talloc code)
-Heimdal integration (read-write ldb backend, more PAC testing)
Regards,
Geza
More information about the samba-technical
mailing list