[PATCH] Some ADS fixes + pam_limits problem workaround
Antti Andreimann
Antti.Andreimann at mail.ee
Wed Jul 23 22:39:32 GMT 2003
Andrew Bartlett wrote:
> This patch has nasty performance implications. A better way to work
> would be to save the full principal name when we join. Even better
I agree. Can You tell me how it should stored in tdb? Does tdb have a
capability to store more than one easily distinguishable data block with a
key or should I implement it as something like this:
1. Store the principial name instead of secret in TDB when using ADS.
2. Store the actual secret using the principial as the key to TDB.
Or as a third option I could store the principial and the secret in tdb
using some sexy "special" format, eg.:
principial<some special byte>secret.
If You could give me some advice on this I'd be grateful.
PS! I got a brand new W2K box today (the old one just died on me) so
hopefully I can get my little hands dirty by digging into the "demotion"
problem once again (too bad I lost the dumps I did about a month ago).
--
Antti Andreimann
Using Linux since 1993
Member of ELUG since 29.01.2000
More information about the samba-technical
mailing list