winbindd, samba DC, and trusts
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Jan 29 08:18:37 GMT 2008
On Mon, Jan 28, 2008 at 03:44:04PM -0500, simo wrote:
> This may be tempting, but I wonder if this wouldn't make it a bit fuzzy
> for admins that changes command line options in init scripts and such,
> esp, for the conf file location.
Putting the whole command line of smbd might be possible.
> Would it be bad to make smbd listen on a pipe as well, and let the pipe
> be used only by winbindd ?
> That entry point would make it pretty clear this is winbindd speaking
> locally and smbd can set WINBINDD_OFF itself in that case.
Hmmm. Not sure I like this idea.
> We might even skip auth in this case and speed up the connection a bit.
> Not sure how much this would impact smbd though.
I could imagine a command line switch that maps anonymous
session setup to builtin\administrator *ONLY* in the case
when smbd is forked off a local process, so that normal file
system permissions work. I would not like the idea to have
the main daemon such an option. What happens if we get that
wrong somehow for a daemon that listens on network ports?
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20080129/e5c11828/attachment.bin
More information about the samba-technical
mailing list