KDC built in or out of smbd
Andrew Bartlett
abartlet at samba.org
Wed Nov 30 22:21:54 GMT 2005
On Wed, 2005-11-30 at 20:21 +0100, Stefan (metze) Metzmacher wrote:
> Krishna Ganugapati schrieb:
> So if *you* want you can do everything, create your own ntvfs_ipc module that passes
> the requests to another unix process,(via our IRPC code or via unix sockets or ...)
>
> Or you can create you own dcerpc endpoint module and let this pass the requests to another
> unix process.
>
> Or you can create your an auth module and replace the auth_sam with something like the
> auth_winbind code...
>
> Or you can write your own process model module....
>
> But at least when you want to be act as a AD Domain Controller, you need the LDAP-Server, the
> KDC-Server, the SAMR-DCERPC module, the auth_sam module to access the sam.ldb,
> witch is the LDAP-like database that stores the AD tree.
The short way of expressing the above is that interprocess abstraction
is quite possible, and practical. Personally, I liked the idea (if
perhaps not the implementation) of the Samba-TNG separation of services.
I haven't made a fuss here about it, because if I ever really, really
get that urge, we already have all the plug-in interfaces to handle
exactly that.
None of that changes the trusted set of processes however.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051201/60472fec/attachment.bin
More information about the samba-technical
mailing list