Removing (get|set)-auth-user from wbinfo
jra at samba.org
Wed Aug 12 10:57:56 MDT 2009
On Wed, Aug 12, 2009 at 03:43:09PM +0200, Kai Blin wrote:
> Hi folks,
> I'm currently trying to get wbinfo in samba3 and samba4 to use the same code.
> I've successfully eliminated all uses of lp_ functions. Those have a different
> API in S3 and S4 and also were a violation of abstraction layers.
> Now, in my quest to make wbinfo only use libwbclient functions I've stumbled
> over the --get-auth-user and --set-auth-user parameters. Those call into
> passdb/secrets.c to get/set "the authorised user for winbindd access",
> whatever that is used for.
> Is there any problem with me removing those?
Yes, I don't think you can remove these. They allow
a specific user to be set when winbindd authenticates
to a DC - for cases where anonymous or machine access
is disallowed. There are sites using this (which is
why they were added).
We need to find another way to keep this functionality
More information about the samba-technical