svn commit: samba r13017 - in trunk/source: lib utils

Gerald (Jerry) Carter jerry at
Thu Jan 19 09:10:57 GMT 2006

Hash: SHA1

Volker Lendecke wrote:

> The alternative I thought about was to have something like 
> ldapi. This would excercise the existing code paths a lot
> more. Or rely on Kerberos, but this from my point of
> view is not simple enough.

Simple enough for what ?  The user?  Do you mean that it
could have a higher failure rate that just touching the
db files directly?

> Apart from that, back to "net sam rights". I think it's 
> a bit difficult conceptually to have parts of our database
> only accessible via rpc. If we went down that path fully
> we could also dump pdbedit, smbpasswd and 'net groupmap'.
> I know I'm exaggerating it a bit now, but it's hard to explain 
> that parts of our "SAM" can be looked at directly and parts
> of it need a running smbd. Where do we draw the line?

I'm pretty much agree about pdbedit and groupmap.  And I
might be convinced to go along with 'net sam rights' as long
as its syntax matches 'net rpc rights' exactly.  If one gets
changed the other has to as well.

Beyond that the unix domain socket appeals to me.  I'm not sure
that it a good thing yet.  The more we eat our own dogfood (internal
APIs), the better we will be.  But it's late, and I need to think
some more.

cheers, jerry
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


More information about the samba-technical mailing list