CVS update: samba/source/auth
Andrew Bartlett
abartlet at samba.org
Tue May 13 15:20:59 GMT 2003
On Wed, 2003-05-14 at 00:58, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 14 May 2003, Andrew Bartlett wrote:
>
> > We enable 'non unix accounts' by default, when the idmap range is set.
> > However, until winbind_passdb is implemented - and for the case where
> > it's implemented but not enabled - we will only allow machines to be
> > added this way.
> >
> > Because we know the range of rids we are using is safe, and because ldap
> > now properly increments this counter, I no longer consider it a hack.
> > It has graduated to 'inspired' ;-)
>
> I'm not sold, but I'm working on pdb_ldap.c fairly hard right now
> so I should have more comments this afternoon.
>
> I'm not happy at all about requiring an "idmap range" by default
> in ldapsam btw....
We don't require it (do we?). You only need it if you want to add
accounts for which you don't already have a RID. You get an RID if the
account exists in /etc/passwd, after add user scripts are run.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030514/c4f65f3d/attachment.bin
More information about the samba-technical
mailing list