[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-917-g8e19a28

Andrew Bartlett abartlet at samba.org
Wed Feb 18 19:13:06 MST 2009


On Wed, 2009-02-18 at 09:44 -0800, Jeremy Allison wrote:
> On Wed, Feb 18, 2009 at 02:15:25PM +1100, Andrew Bartlett wrote:
> > 
> > What happens if their isn't a PAC?  How do we construct the token then?
> > (Isn't that the goal you are after - pretend AD isn't useful for
> > authorization). 
> 
> No, I don't think so. All this is doing is using AD or another
> method for authentication then switching to NSS for authorization.
> I can see why some sites would need this.

That was actually my point.  Don't we already need (have) this code path
for the cases where we are in an MIT realm, and therefore are not
supplied a PAC?

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20090219/8e3119e9/attachment.bin


More information about the samba-technical mailing list