libwbclient - wbcLogoffUser() & wbcLookupDomainController
Stefan (metze) Metzmacher
metze at samba.org
Tue May 6 14:53:20 GMT 2008
here're some comments about the design of the new calls.
However see also my next mail about deferring all this...
> 1. wbcErr wbcLogoffUser(const char *username,
> const char *ccfilename);
> Some explanations. There is no current LogonUser pipe call.
> This is implicit in the Authenticate call. So I've not added
> a wbcLogonUser().
This is not true, wbcAuthenticateUserEx() doesn't provide the ability
to handle local logons as needed by pam_winbind and it should not.
I think we should have a wbcLogonUser() and pam_winbind should be able
to use it later (in v3-3).
I'm not yet sure about the prototype of wbcLogonUser()...
...but I think we should use arrays of a structure like this:
const char *name;
to pass extra data, e.g. needed for AFS krb5 logons in and out
> I debated dropping the cred cache pathood
> and having the library look up the default. This might still
> be a good idea to help relieve the burden on the application
> developer. But it can bet set to NULL to it's not that bad.
I think the wbcLogoffUser() call should also get the uid.
I think we can skip the ccache filename, as it's produced by the LOGON
call, so winbind should be able to reproduce it.
> 2. wbcErr wbcLookupDomainController(const char *domain,
> struct wbcDomainControllerInfo *dc_info);
Something like this looks good, but maybe we need an uint32_t flags as
input? Günther, you may have some additional comments here? Maybe we
should return the same as what we will store in gencache...
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20080506/217c3004/signature.bin
More information about the samba-technical