[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-917-g8e19a28

Volker Lendecke Volker.Lendecke at SerNet.DE
Mon Feb 16 17:49:04 MST 2009


On Mon, Feb 16, 2009 at 09:01:23AM -0800, Zachary Loafman wrote:
> The short answer is no, this can't be solved today without a code
> change. The customer has an environment where NSS is hitting LDAP/NIS,
> and they need the token to represent what comes back from NIS. It adds a
> prohibitive administration cost to require the customer to add a
> username map parameter for every new user in this environment.

It's not possible to do that with a cron job or a
replicating LDAP server?

> There are other possible code changes, but the way I went seemed the
> cleanest. I also considered adding some sort of wildcarding into the
> username map itself, but I think the way I implemented it is fairly
> straightforward.
> 
> I do agree that this entire path is too complex.

Part of this is there for a reason. We have tons of
scenarios we have to take care of, many of them for
compatibility. You for sure follow the samba at samba.org
mailing list, we still get bad complaints that
security=share works differently than it used to.

I REALLY don't want to mess with those code paths if there
are other alternatives around. Can't you hide that in some
winbind module or so?

Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20090217/c508344d/attachment.bin


More information about the samba-technical mailing list