Patches to head (become_root and some RPC stuff)
pgmtekn at algonet.se
Mon Aug 23 19:55:07 GMT 1999
> > Hello,
> > > do people agree that this is a good idea? [splitting passwords
> > into
> > > private/DOMAINNAME.user1.mac private/DOMAINNAME.user2.mac]
> > >
> > > does someone want to write a private/sampasswd module, as this
> > be a
> > > good opportunity to do this.
> > No, this idea is probably wrong. The idea, as put forth in the
> > previous discussion,
> i missed it. i have 750 messages and increasing, and no time to
> > is to protect the password hashes and this
> > exposes them to user interference. What we need is actually only
> > file with public user information and one with restricted (such as
> > passwords).
> hmmm... but there is actually so little info in private/smbpasswd
> this seems like a lot of effort to go to, unless you actually extend
> "public" information. most of the "public" information currently
> from smb.conf options and /etc/passwd.
Well, what we have is a number of fields that tell which unix users
are NT users and some more. How much more data we may want to add in
the future, I don't know. I suppose though that there is some data
that would be much appreciated, such as maximum allowed simultaneous
logins. There is probably more.
An appealing idea is to make the the information interchangeable
between two files, through configuring smb.conf, so that the admin
could actually configure what goes in which file. It is probably also
wise to make things as future safe as possible. I could probably do
this (the become_roots are gone and I'm anyway only creating troubble
for everyone in the RPC section), as it's a limited task and I believe
in it. I will need to know which inferface is needed between the db
functions and samba. (I find the current code hard to read, it's
really a matter of laziness).
pgmtekn-micke at algonet.se
More information about the samba-technical