TODO list proposal for volunteers

Gerald Carter gcarter at valinux.com
Mon Oct 2 04:20:19 GMT 2000


Seth Vidal wrote:
> 
> I would disagree - I'm not sure you're getting the 
> point of it. maybe you are and have other problems 
> with it. but I've not heard them here so.
> 
> but what it sounds like to me is your are suggesting 
> rewriting what pam does in samba - which sounds like 
> duplicated and wasted effort.

Seth.  We cannot simply pamify Samba (aside from the 
support which already exists). How do you proposed 
supporting an LDAP backend (which will act as a stepping 
stone in plugging Samba into an Win20/AD domain)?

Someone please correct me, but unless you are using a...
now what does pam call it....something like use_mapped_pass....
anyways, my understanding is that  PAM requires plan text 
unless you are specifying that the plain text password be 
used to generate an encryption key for storing authentication
tokens on disk.  The last time i checked, the Linux-PAM
modules did not support this anyways.

Did I miss something here?

All we are talking about is to provide an abstraction layer
which would essentially specify a set of callbacks that 
could be very simple wrapper functions or more complex routines
requiring lots of stuff.  It gives us the flexibility to 
replace the backend with either a local TDB, a remote 
LDAP directory, etc...

This is how Luke initally designed the API and still exists 
in 2.0.7 and HEAD today.





Cheers, jerry
----------------------------------------------------------------------
   /\  Gerald (Jerry) Carter                     Professional Services
 \/    http://www.valinux.com  VA Linux Systems    gcarter at valinux.com
       http://www.samba.org       SAMBA Team           jerry at samba.org
       http://www.eng.auburn.edu/~cartegw

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )





More information about the samba-technical mailing list