svn commit: samba r13017 - in trunk/source: lib utils

Andrew Bartlett abartlet at samba.org
Thu Jan 19 10:11:43 GMT 2006 

On Thu, 2006-01-19 at 03:10 -0600, Gerald (Jerry) Carter wrote:

> Beyond that the unix domain socket appeals to me.  I'm not sure
> that it a good thing yet.  The more we eat our own dogfood (internal
> APIs), the better we will be.  But it's late, and I need to think
> some more.

Only marginally related to this, but this provides a good context for a
point I noticed while playing with Samba4 LDB modules.

Over the past few months, I've been trying to move as much 'logic' as
possible from Samba4's initial template files (ldif user/group/etc
entries for the first-time database) into ldb modules, to determine at
runtime. 

For example, we have an ldb module for handling password hashes, another
for SID allocation, another for GUID allocation etc.  (Previously we
would allocate these values in the raw LDIF and simply import them
intact into the DB.)

In doing so, I found myself fixing bugs.  The previous setup worked
fine, but now we eat our own dogfood in the earliest, most critical
stage of the installation.  If we break some detail about adding users,
we don't get an Administrator account (and we notice), which is far
better than having user creation fail in odd ways later. 

Now, I also see the opposite side of the problem:  For the moment, I
create the DC's domain self-join account via LDIF at setup time.  But
the 'net join' code does things like updating an existing account:
Should I continue an approach that doesn't require smbd to be running,
or somehow schedule the join to occur at a later point?

I tend to favor solutions that don't require the running smbd, but it is
a valid point of discussion.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060119/101e2651/attachment.bin

More information about the samba-technical mailing list