IMHO: Winbind in Samba4
Richard Sharpe
rsharpe at richardsharpe.com
Sun Jan 9 03:36:23 GMT 2005
On Sun, 9 Jan 2005, Stefan (metze) Metzmacher wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Richard Sharpe schrieb:
> | On Sun, 9 Jan 2005, Simo Sorce wrote:
> |
> |
> |>On Sat, 2005-01-08 at 18:25 -0800, Richard Sharpe wrote:
> |>
> |>>On Sun, 9 Jan 2005, Simo Sorce wrote:
> |>>
> |>>
> |>>>On Sat, 2005-01-08 at 16:22 +0100, Gémes Géza wrote:
> |>>>
> |>>>>If I'm not wrong you suggest that Samba4 ADS will implement the posix
> |>>>>account stuff through winbind?
> |>>>>Something like in the attached ASCII graphic?
> |>>>
> |>>>Even better in some situations (eg. NAS boxes) Samba4 will not even need
> |>>>to ask the system for users as it will know it is the primary source for
> |>>>users account, so you will not need to do the round-trip. In other
> |>>>system you will probably only need to check unix accounts for some
> |>>>users, in others /etc/passwd will be the master.
> |>>
> |>>Well, some NAS boxes will be like that. Probably the smaller stand-alone
> |>>NAS boxes. However, larger NAS boxes are most likely to be a member
> |>>server.
> |>
> |>Same thing, the NAS box will have a local SAM anyway, and may well
> |>consider its SAM + the DC SAM to be authoritative, and never require you
> |>to do the round-trip, but go directly to ask winbindd.
> |
> |
> | Ummm, we do not want a local SAM. All account and group information should
> | be in LDAP or NIS and the PDC's SAM.
>
> then just don't use it, there'll be only the builtin aliases and the local administrator
> and guest (disabled) by default.
> (just like a just installed windows member server)
Sure, I was just pointing out to Simo that there are many ways that people
want to use these things.
Regards
-----
Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
More information about the samba-technical
mailing list