CVS update: samba/source/auth
simo.sorce at xsec.it
Sun Jun 29 14:47:32 GMT 2003
On Sun, 2003-06-29 at 15:16, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On 29 Jun 2003, Simo Sorce wrote:
> > > o To handle case #1, we bypass winbindd in sys_getgrouplist() unless
> > > the username includes the 'winbind separator'.
> > >
> > > o Case #2 is handled by adding checks in winbindd to return failure
> > Jerry,
> > does this mean it will be more difficult to code & use winbind_passdb on
> > PDCs in future?
> Like I said before, I don't ever want winbind accessing passdb
> information directly. It's not what winbind is there for.
> If I'm wrong, then convince me of a real situation where
> (a) you would want to do this, and (b) there is no other way
> to solve the problem other than having winbind do passdb lookups.
A PDC that want to use the samba passdb as the authoritative source of
user/group information without using LDAP.
nss_winbindd has the great advantage that it can be tweeked to in facts
support global groups into local groups as a real PDC do.
That thing cannot be done with nss_ldap.
so if nss_winbind can access the passdb then it would be great.
the esaiest way is to do it through winbind
I'm open to other solutions, if any, as well.
Simo Sorce - simo.sorce at xsec.it
Xsec s.r.l. - http://www.xsec.it
via Durando 10 Ed. G - 20158 - Milano
mobile: +39 329 328 7702
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030629/145938c4/attachment.bin
More information about the samba-technical