Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Jeremy Allison
jeremy at valinux.com
Tue Dec 28 23:53:59 GMT 1999
Nicolas Williams wrote:
>
> - Microsoft includes a NIS server with w2k that makes lookups via LDAP
> into ActiveDirectory. The account/principal/uid/sid/whatever
> information is all in one place.
If that is so then they've already done the work for us.
We're done :-).
> - I work with a namespace management tool that is name service
> independent and scales very, very well to very large organizations
> and which can master NIS, DNS, LDAP, whatever namespace data. All in
> one place.
Yeah, but I bet stock NT doesn't integrate with it though :-).
> Or PAM_LDAP. Same thing. With win2000 you get an LDAP interface to
> ActiveDirectory.
No - PAM doesn't do user enumeration, just authentication.
Enumeration is the nsswitch job.
> Ok, yes. But we're not there yet. The namespace-management-tool-
> layered-ontop-of-existing-name-services is workable today, at least for
> me. Thus my interest in Luke's initiative.
Yeah - but Luke wants to do it in the wrong piece of code
(Samba). Note that all the other things you mention are
programs external to Samba - I'd like to keep it that way.
Jeremy.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
More information about the samba-technical
mailing list