'On the Fly' mappings and PDC/BDC interactions
abartlet at samba.org
Thu Oct 17 11:01:01 GMT 2002
I'm just wondering if anybody has considered the impact of creating 'on
the fly' mappings for groups/users (uid->sid stuff) and how this plays
with PDC/BDC relationships...
If we have a BDC that is asked for a not-yet-mapped group, and gives it
a SID, how do we get that information back to the PDC?
In particular, I don't like the idea that the BDC must contact the PDC
in real time here - that would seem to defeat the point of having a
PDC/BDC. (In particular, I can imagine setups where the BDC simply
cannot contact the PDC ever, and just assumes LDAP handles the
Also, it would of course need to play with 'net rpc vampire'
Anyway, this area is messy.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical