design for storing trusted domain passwords in ldap

Gerald (Jerry) Carter jerry at samba.org
Wed Jan 17 17:57:21 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

simo wrote:
> On Wed, 2007-01-17 at 17:28 +0100, Volker Lendecke wrote:
>> On Wed, Jan 17, 2007 at 02:51:06PM +0100, Michael Adam wrote:
>>> Attached, find a patch with these changes to the schema file.
>>>
>>> Are there any opinions about this?
>> As told face-to-face, I'd say this looks sane.
>>
>> Jerry, Simo?
> 
> Except for the Description of 'sambaTrustedDomainName' which have 'the'
> and 'own' reversed it seem ok to me.
> 
> I have a question.
> This object will hold just one way of the trust.
> I seem it would make sense to have it so that both ways of the trust are
> held in the same object.
> But it is obviously not in this proposal, is there a reason for that?

The other direction is stored as a sambaSamAccount object
(e.g. DOMAIN$) in the passdb.






cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFrmN2IR7qMdg1EfYRAi+DAKDE/Cw6n09qcASGA2T1bkJpO58pdwCguhY/
8M+/qwgIZYl11AjanJfMNho=
=0GmQ
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list