RFC: passdb redesign

Simo Sorce simo.sorce at polimi.it
Fri Nov 10 17:29:41 GMT 2000


Gerald Carter wrote:
> 
> Simo Sorce wrote:
> >
> > Remember LDAP authentication may be used also for
> > the system instead of /etc/passwd. In this case looking
> > for system passwd for info on users may be redundant.
> > We should have an option to make smbd trust
> > passdb-backends(mostly LDAP) informations (username,
> > uid, gid.....)
> 
> Redundant maybe, but consistent.  Trust me on this one.
> JF and I have gone over and over this.  We both feel
> rather strongly that Samba should use the OS mechanisms
> for retreiving uid/gid information.  The passdb backend
> should only deal with Samba user information.
> 
Yes, you are right.
At this point I think it is redundant to have user uid and gid in
sam_passwd.
smbd should check for username and retrieve the RID,
check system (getpwnam?) and retrieve the UID and then store in a
temporary cache uid<->rid mapping.
This would permit unix admins to make uid changes (sometimes necessary)
without having inconsistencies with samba although maybe this would
limit username namespace.
-- 
Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano
E-mail: simo.sorce at polimi.it
Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451
-----------------------------------------------------------------
Be happy, use Linux!




More information about the samba-technical mailing list