Winbind - functionality extension needed
Gerald Carter
jerry at plainjoe.org
Wed Jul 8 15:52:08 GMT 2009
Ondrej,
>> Not entirely true. There several options like nss-ldapd, the similar
>> overlay in slapd, nscd, etc....
>>
>
> Maybe nss_ldapd would do the job - but definitely a daemon reading
> keytab file (managed by samba) would be necessary.
> But from what I see nss_ldapd can not read Kerberos keytab (and besides,
> will it go in RHEL?)
The nssldapd overlay is part of upstream OpenLDAP. If you
are bound by what's in RHELs then really extending Winbind doesn't
help you much either.
> and nscd only solves caching.....
No. nscd also solves the problem of calling into nss_ldap
in the user context (i.e. permissions on the system keytab).
I'm just offering suggestions. Having winbindd deal with
other NIS maps seems a bit out of mainstream IMO. But it's not
really my call.
cheers, jerry
--
=====================================================================
http://www.plainjoe.org/
"What man is a man who does not make the world better?" --Balian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20090708/b1374171/signature.bin
More information about the samba-technical
mailing list