svn commit: samba r10838 - in
branches/SAMBA_4_0/source/winbind: .
Volker Lendecke
Volker.Lendecke at SerNet.DE
Sun Oct 9 09:44:29 GMT 2005
On Sun, Oct 09, 2005 at 07:03:42PM +1000, Andrew Bartlett wrote:
> My only worry is that we now have two ways we get the auth2'ed pipe:
> Either in the librpc code or in winbindd. Your approach nicely takes
> advantage of the way I re-designed that area, however.
winbind needs to take care of finding DC's and keeping connections open to
domain controllers anyway. Opening many persistent SMB connections to DC's is
not an option, there might be *many* of them. I've seen an installation with
500 resource domains all trusting a single central user domain. Every resource
domain was equipped with PDC and BDC, and the (older) winbinds on those opened
3-4 connections to the 2 central DC's each. That just killed the central
DC's. This installation started the rpc redesign in Samba3. So in Samba4 I'd
rather not make this mistake again and re-use SMB connections as much as I
can.
So I'd rather vote for winbind providing the services everybody needs via
irpc than everybody opening connections himself.
> Examples of how to do a netlogon are in the RPC-SCHANNEL, RPC-SAMLOGON
> and RPC-NETLOGON tests. I personally really like the SamLogonEx call,
> where we don't have to worry about the credentials chaining (but we need
> to make Samba3 support it, and fallback...).
You know how I think about backwards compatibility. :-)
> I'm happy to help.
Thanks!
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20051009/92d710b8/attachment.bin
More information about the samba-technical
mailing list