[PATCH] Implement simple means of supporting pam_winbind UPNB logins.

jerry at samba.org jerry at samba.org
Sat Jun 30 22:16:28 GMT 2007


I know we've been around a few times on this whole upn 
logon approach.  I looked over your patch and it seems
much more complicated than I think it needs to be.
Basically I think we can have pam_winbindd do the upn -> 
sid -> sAMAccountName conversion and just extend the 
msrpc_name_to_sid() call to send the UPN (just as in your 
previous patch).

I've tested this in my local Centeris tree using ssh
and Gnome's gdm.  Seems to work fine.  What do you think?
It adds no new call to the winbindd_methods structure.
Nor does it require an explicit enable using a new
parameter in smb.conf.


$ ssh -l 'gcarter at ad.plainjoe.org' localhost
Linux rain 2.6.20-16-generic #2 SMP Thu Jun 7 20:19:32 UTC 2007 i686
Last login: Sat Jun 30 16:16:28 2007 from localhost

[AD\gcarter at rain ~]501$ groups
AD\unixusers plugdev admin powerdev AD\domain^users AD\domain^admins AD\unixadmins
 source/nsswitch/pam_winbind.c   |   55 +++++++++++++++++++++++++++++++++++++++
 source/nsswitch/winbindd_rpc.c  |    6 +++-
 source/nsswitch/winbindd_util.c |    2 +
 3 files changed, 62 insertions(+), 1 deletions(-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fea6210b461a148e43430e886aa2ec36a457454b.diff
Type: text/x-patch
Size: 3555 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20070630/53e2bb65/fea6210b461a148e43430e886aa2ec36a457454b.bin

More information about the samba-technical mailing list