[SAMBA4] Unrolling of groups (task for someone)
Andrew Bartlett
abartlet at samba.org
Fri Apr 3 02:39:42 GMT 2009
Another Samba4 task that someone might like to take on is group
unrolling:
In AD, groups can be members of groups, but Samba4 does not recognise
this, either in the PAC we return to Kerberos clients, or when we accept
a login from a user who's groups are members of local system groups
(such as the domain administrators being in 'administrators' of the
local system).
Perhaps someone would like to take this on?
Writing comparative tests to show that the new behaviour matches AD
would be a key part of this task.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20090403/fc6bb66f/attachment.bin
More information about the samba-technical
mailing list