CVS update: samba/source/nsswitch
Gerald (Jerry) Carter
jerry at samba.org
Fri Aug 1 13:31:00 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 1 Aug 2003, Andrew Bartlett wrote:
> > o Look at Krb5 connection trusted domains
This turned out to be a nop by the way. Nothing to do
right now.
> > o make sure to initial the trusted domain cache as soon
> > as possible
>
> To avoid situations where trusted domains have restrict anonymous set,
> we should try and do a krb5 login for these connections, with the
> machine account. (Yes, with krb5 machines can establish an SMB
> connection, including creation of files etc :-)
most of the essential functions will be ok with RA==1 and no
auth account set. The reason is that we cache the entire user
info3 structure. This is why it got added in the first place since
HP print appliance never caches an auth user at all. So yes, there is
still some cleanup but in general things should be ok as long as the user
logons on to the samba box first.
cheers, jerry
----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
"You can never go home again, Oatman, but I guess you can shop there."
--John Cusack - "Grosse Point Blank" (1997)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE/KmuUIR7qMdg1EfYRArHtAJ9ELBTUrvwO1w3L8v6r9++8FOdENACffBu0
G513HxZmTUIeW0C4eocfbsE=
=SDGW
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list