svn commit: samba r13017 - in trunk/source: lib utils

[simo]

On Thu, 2006-01-19 at 10:22 +0100, Volker Lendecke wrote:
> On Thu, Jan 19, 2006 at 03:10:57AM -0600, Gerald (Jerry) Carter wrote:
> > I'm pretty much agree about pdbedit and groupmap.  And I
> > might be convinced to go along with 'net sam rights' as long
> > as its syntax matches 'net rpc rights' exactly.  If one gets
> > changed the other has to as well.
> 
> Ok, I'll go back and make both match exactly and re-add it then. Maybe tonight
> :-)
> 
> > Beyond that the unix domain socket appeals to me.  I'm not sure
> > that it a good thing yet.  The more we eat our own dogfood (internal
> > APIs), the better we will be.  But it's late, and I need to think
> > some more.
> 
> I mentioned Kerberos because one grief I have with the RPC approach is that the
> admin has to type in the password for every single operation. This makes it
> very awkward to use. Kerberos is one solution that is not available
> universally, some ssh-agent like tool another. smbi yet another one.
> 
> That's why I started the local-access tool.

When I first saw net sam rights, I had the same sensation Jerry
explained in previous emails.

But as an administrator I also found out that direct access is a
valuable tool.

Now what I would like to see is to NOT add any direct access tool to the
net suite. Net does really make people think of "network" and by
extension manipulation by network. And I think we should keep the net
tool only as a network tool so that admins use that when editing things
on other machines from their own workstation for example.

I'd like to see pdbedit modified to have all the other things that need
local access, like rights and group mapping, so that we can end up with
just 2 tools. One for network access and one for local direct access.

I can dedicate some time in polishing pdbedit if you can provide me a
list of wishes and you agree with me on this point.

Simo.

-- 
Simo Sorce
Samba Team
email: idra at samba.org
http://samba.org/~idra