passdb lookups directly in winbindd? [was Re: winbind on PDC for trusted domains]

Gerald (Jerry) Carter jerry at samba.org
Sat Jun 28 19:02:05 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 28 Jun 2003, Gerald (Jerry) Carter wrote:

> > We are already heading for this - winbind has a passdb backend already
> > (not operational), and it is intended that winbind should provide these
> > services for direct NT migrations.
> > 
> > (Ie, you suck down an NT PDC into passdb, and winbind handles the rest).
> > 
> > I agree that it seems to be feature creep - if we really do feel that
> > way, then creating a seperate 'samba-authd' might be appropriate. 
> > However, given the circumstances I think it's suitable.

btw...do we really need WINBIND_PAM_CONTACT_TRUSTDOM as a flag for testing 
whether we deal with trusted users.  I don't see any real value in being 
able to set "allow trusted domains = no" on a per call basis.  Can you
give me an example of when it would be useful?  Thanks.  Or even better, 
add a comment in the code about it next time.




cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE+/eYtIR7qMdg1EfYRAtnxAJ0XFoyBW0BK3EpZiKMnUyr4nouHOACgxt9d
a1sGrb22EyGM4RvWOgAFbIA=
=RU6W
-----END PGP SIGNATURE-----




More information about the samba-technical mailing list