winbind proxy only mode?
Andrew Bartlett
abartlet at samba.org
Mon Jun 28 22:37:56 GMT 2004
On Tue, 2004-06-29 at 02:42, Volker.Lendecke at SerNet.DE wrote:
> Hi!
>
> Besides doing idmap stuff winbind in Samba 3 has the very nice feature of
> speeding up the authentication against a DC a lot. It does so by caching an
> authenticated connection to the NETLOGON pipe of the DC right up to the
> SamLogon call. winbind offers the service to use this connection to the smbd's
> which don't have to find and connect to the DCs on their own.
>
> A little thing that has always annoyed me is the fact that winbind can not be
> run without the 'idmap [ug]id' parameters correctly set even if libnss_winbind
> is not used. The attached patch lets winbind start even if none of these
> parameters is set. Naturally, no id mapping can take place without them. This
> enables winbind to run in a netlogon proxy only mode.
I strongly agree. Having to configure IDMAP for a Squid/NTLM
installation (the other type of proxy ;-) is silly.
Andrew Bartlett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040629/730228c3/attachment.bin
More information about the samba-technical
mailing list