[PATCH] groups in ldap
Simo Sorce
simo.sorce at xsec.it
Tue Mar 18 09:55:13 GMT 2003
On Tue, 2003-03-18 at 10:47, Volker Lendecke wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> > A schema similar to the one used for users,
>
> But if you look at sambaAccount, it firmly ties 'uid' with 'rid',
> which conflicts your point below.
Yes, I know :-(
> > so that you can create groups, with groups members, and optionally a
> > field for gid mapping perhaps.
>
> You want a memberSid that can occur multiple times?
random thoughts:
That's a good point. I would say yes, but I know this will be useful for
samba only, or through winbindd.
In my opinion a PDC should use winbindd locally and provide groups
functionality.
I also know that will not work nicely if you do not want to use winbindd
locally, as you will be required to make groups have same members for
local machine and samba. But at that point you can simply go on with the
current way. We may also use a switch in the conf to tell samba which of
the 2 (passdb or system) to look for group membership until the new code
is ready.
Simo.
--
Simo Sorce - simo.sorce at xsec.it
Xsec s.r.l. - http://www.xsec.it
via Durando 10 Ed. G - 20158 - Milano
mobile: +39 329 328 7702
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030318/85e23238/attachment.bin
More information about the samba-technical
mailing list