CVS update: samba/source/nsswitch

Gerald (Jerry) Carter jerry at
Fri Aug 1 13:31:00 GMT 2003

Hash: SHA1

On 1 Aug 2003, Andrew Bartlett wrote:

> >   o Look at Krb5 connection trusted domains

This turned out to be a nop by the way.  Nothing to do
right now.

> >   o make sure to initial the trusted domain cache as soon
> >     as possible
> To avoid situations where trusted domains have restrict anonymous set,
> we should try and do a krb5 login for these connections, with the
> machine account.  (Yes, with krb5 machines can establish an SMB
> connection, including creation of files etc :-)

most of the essential functions will be ok with RA==1 and no
auth account set.  The reason is that we cache the entire user
info3 structure.  This is why it got added in the first place since 
HP print appliance never caches an auth user at all.  So yes, there is 
still some cleanup but in general things should be ok as long as the user 
logons on to the samba box first.   

cheers, jerry
 Hewlett-Packard            -------------------------
 SAMBA Team                 ----------------------
 GnuPG Key                  ----
 "You can never go home again, Oatman, but I guess you can shop there."  
                            --John Cusack - "Grosse Point Blank" (1997)

Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see


More information about the samba-technical mailing list