RFC: passdb redesign
Simo Sorce
simo.sorce at polimi.it
Fri Nov 10 16:00:20 GMT 2000
Gerald Carter wrote:
>
> Robert Dahlem wrote:
> >
> > > o More flexibility. For example, you can use
> > > include parameters to validate clear text logons
> > > against /etc/passwd and encrypted logons against LDAP
> > > from the same server.
> >
> > Please don't forget the equivalent to "update encrypted" to allow
> > smooth migration from one model to another.
>
> Hmm....hadn't thought about this. Think of the
> following scenario.
>
> Plain text logons validated against /etc/passwd.
> Migrating to encrypted passwords in local TDB.
> Hmm....I need to think more.
>
Another thing.
Remember LDAP authentication may be used also for the system instead of
/etc/passwd.
In this case looking for system passwd for info on users may be
redundant.
We should have an option to make smbd trust passdb-backends(mostly LDAP)
informations (username, uid, gid.....)
--
Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano
E-mail: simo.sorce at polimi.it
Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451
-----------------------------------------------------------------
Be happy, use Linux!
More information about the samba-technical
mailing list