[GSoC 2007] Improving Samba 4 winbind, a look back.
Kai Blin
kai at samba.org
Wed Sep 19 13:11:07 GMT 2007
On Wednesday 19 September 2007 13:41:48 Andrew Bartlett wrote:
> > What is left to do
> > ------------------
> >
> > * PAC/info3 caching
> > As with NTLM caching, PAC/info3 caching was discarded. Caching is
> > only interesting once the other features are working and will be
> > implemented eventually.
>
> I actually disagree here. This is perhaps the only reliable way to get
> the groups a user is a member of, and should instead be the primary
> method by which this is obtained. There is rumoured to be kerberos
> calls to obtain a PAC for a user (without their password), and we should
> try and support this.
I'm not quite sure if I understand you correctly here. Are you saying that PAC
caching is needed to figure out group membership? I had the impression that
all the caching was doing was to save us another request for the PAC. Or do
you only get a PAC during the log-on?
Cheers,
Kai
--
Kai Blin
WorldForge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
--
Will code for cotton.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20070919/9f241913/attachment.bin
More information about the samba-technical
mailing list