[SAMBA4] libnet in winbind

Andrew Bartlett abartlet at samba.org
Tue Jul 24 23:07:30 GMT 2007


On Tue, 2007-07-24 at 19:31 +0200, Kai Blin wrote:
> On Tuesday 24 July 2007 07:59:04 Andrew Bartlett wrote:
> > Just a quick note to let you know that I've tried to add the code to
> > winbind, to allow easy use of libnet.
> >
> > The idea is simple:  On each 'domain' structure, there is a libnet_ctx,
> > already correctly initialised.  This should make it much more practical
> > to implement a new winbind call, or to merge existing winbind and libnet
> > functionality.  Listing users and groups would seem an ideal place to
> > start. (And I'm happy to help with that, if you need it).
> 
> I'm just not entirely sure how to get to that domain structure. Do I need to 
> set this up in all of the nss calls? How would this work for domains we're 
> not part in? The DC should take care of those, right?

For some calls yes, for others no:  For sid2name and name2sid, we can
ask our DC, if we are a member of a domain (but must ask the others if
we are a DC).  For things that require the user's display information
(like getpwnam), you will need to contact the target DC (or look in a
cache from the login). 

So, to process a getpwnam, we perhaps need to:

name -> sid on the name (having split the name) with
wb_cmd_lookupname_send()

sid -> domain on the resulting sid with wb_sid2domain_send()

Then call libnet_UserInfo_send with domain->libnet_ctx and the struct
libnet_UserInfo filled out. 

Yes, it's a bit complex - perhaps we need a name2domain call to handle
the first two parts. 

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20070725/d3f14d2f/attachment.bin


More information about the samba-technical mailing list