[PATCH] Implement simple means of supporting pam_winbind UPNB
logins.
jerry at samba.org
jerry at samba.org
Sat Jun 30 22:16:28 GMT 2007
Guenther,
I know we've been around a few times on this whole upn
logon approach. I looked over your patch and it seems
much more complicated than I think it needs to be.
Basically I think we can have pam_winbindd do the upn ->
sid -> sAMAccountName conversion and just extend the
msrpc_name_to_sid() call to send the UPN (just as in your
previous patch).
I've tested this in my local Centeris tree using ssh
and Gnome's gdm. Seems to work fine. What do you think?
It adds no new call to the winbindd_methods structure.
Nor does it require an explicit enable using a new
parameter in smb.conf.
cheers,jerry
---
$ ssh -l 'gcarter at ad.plainjoe.org' localhost
Password:
Linux rain 2.6.20-16-generic #2 SMP Thu Jun 7 20:19:32 UTC 2007 i686
Last login: Sat Jun 30 16:16:28 2007 from localhost
[AD\gcarter at rain ~]501$ groups
AD\unixusers plugdev admin powerdev AD\domain^users AD\domain^admins AD\unixadmins
---
source/nsswitch/pam_winbind.c | 55 +++++++++++++++++++++++++++++++++++++++
source/nsswitch/winbindd_rpc.c | 6 +++-
source/nsswitch/winbindd_util.c | 2 +
3 files changed, 62 insertions(+), 1 deletions(-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fea6210b461a148e43430e886aa2ec36a457454b.diff
Type: text/x-patch
Size: 3555 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20070630/53e2bb65/fea6210b461a148e43430e886aa2ec36a457454b.bin
More information about the samba-technical
mailing list