[PATCH] Expanding nested groups in winbindd_getgrnam()
Gerald (Jerry) Carter
jerry at samba.org
Wed Jun 13 18:08:41 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Volker Lendecke wrote:
> On Wed, Jun 13, 2007 at 12:33:16PM -0500, Gerald (Jerry) Carter wrote:
>> The names are confusing but "windows nested groups"
>> implements the NT4 model of local groups (e.g.
>> BUILTIN\Administrators). The "winbind expand groups"
>> patch unrolls nested domain groups.
>
> Why have a parameter for that at all? I would consider this
> to be a plain bug. I've also read somewhere that the nesting
> limit for Windows global groups is 128, so we could stop
> there.
For one thing this is not an async op yet and so deep group
unrolling could block the main parent for a non-trivial
period of time. If we fixed that, then removing the parameter
might be a possibility. We could up the default to go say
three levels deep by default through.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGcDKpIR7qMdg1EfYRAhpAAJwM9v3Y3awrUXlH3YyVP++Y7nAyNgCgs1sq
D2CrOXSswIlF8/VPrAA8O9k=
=/lsF
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list