[RFC] idmap_nss plugin architecture for winbindd
idra at samba.org
Thu Nov 16 05:32:47 GMT 2006
On Wed, 2006-11-15 at 17:16 -0800, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> I've reworked the "winbind nss info" option to support
> plugins similar to "passdb backend" and "idmap backend".
> The reason for this is that when writing a new idmap
> backend, it is impossible to reconfigure where winbindd
> retreives the user's home dircetory, shell, and gecos information
> from without touching code winbindd code (see winbindd_ads.c
> in the original SAMBA_3_0 tree).
> What I have done is to create a very simple API and 2 initial
> providers: template, and rfc2307. The API consists of
> * init()
> * get_nss_info()
> * close()
> I've tried to maintain the current syntax of "winbindd nss info".
> For example, "winbind nss info = template rfc2307:BOOKS" means
> to use the rfc2307 information for users in the BOOKS domain.
> And fallback to the template smb.conf variables if necessary."
> The woinbindd's internal nss layer maintains a list of
> registered backends and a list of domain/backend mappings
> (see idmap_nss.[ch] for the upper layer code).
> I've posted a bzr tree at
> The code is not what I would call finished, but does
> compile and should give everyone an idea.
Very simple and clean.
Looks good to me.
I think it would be good to use the same way to define domains and
options I used for the new idmap backend.
Also is there a reason why you don't use talloc in new code ?
Samba Team GPL Compliance Officer
email: idra at samba.org
More information about the samba-technical