[PATCH] ldap connection caching (not ready!!!)
Ignacio Coupeau
icoupeau at unav.es
Fri Oct 18 08:26:01 GMT 2002
Stefan (metze) Metzmacher wrote:
!!! a few line above I read 'return NT_STATUS_OK' but it
> was 'ret = NT_STATUS_OK' :-(
>
> but now it works! :-)
>
> what I need is to test is the non_unix_account stuff.
>
I browsed the code and the ldap schema changes... if I don't
misunderstand, the the nextrid is used only for non_unix_account, and
the algorithmic mapping for unix accounts, rigth?
So, the other question is if a non_unix_account should be in only-one
domain? In other words: if an user logs in the domain x the ldap stuff
will provide a rid-x only useable for the domain-x?
I wonder if this may be a strong restriction for large sites with "n"
domains and only-one ldap base... because the administrators should
maintain n accounts/rid per-user for access to the n domains. On the
other hand, if the domain attr takes n-values may solve the multiple
logon but the rid space may be broken.
Ignacio
--
____________________________________________________
Ignacio Coupeau, Ph.D. e-mail: icoupeau at unav.es
CTI, Director fax: 948 425619
University of Navarra voice: 948 425600
Pamplona, SPAIN http://www.unav.es/cti/
More information about the samba-technical
mailing list