password API needed
Jean-Francois Micouleau
Jean-Francois.Micouleau at utc.fr
Fri May 8 12:03:13 GMT 1998
On Fri, 8 May 1998, Luke Kenneth Casson Leighton wrote:
> in your ldap code, you make the distinction between a "machine" account
> and a "user" account. can you remove this distinction? machine acounts
> _are_ user accounts, and "machine" accounts is a misleading name: they are
> actually a subset of trust accounts. therefore, can we refer to them as
> "trust" accounts from now?
I know you don't want to make a distinction between users and machines. I
still don't like it. You make a distinction between aspirin and laxative
even if they are both medecine and you store them in the same place.
> the uint16 acct_ctrl member, when the ACB_WKSTRUST bit is set, correctly
> and uniquely identifies the account as a workstation trust account.
That's faster to look at only users or trust accounts in ldap and that's
the same for SQL for example.
> there just happens to be an additional (redundant but "visual-in-text")
> method to identify a trust account: it ends with $.
BTW having two distinct object classes is more 'NT5 compliant' in an LDAP
point of view.
-----------------------------------------------------------
Pinky: "What are we going to do tonight, Brain?"
Brain: "The same thing we do every night, Pinky :
try to install Windows NT !"
-----------------------------------------------------------
More information about the samba-technical
mailing list