Winbind - functionality extension needed

Gerald Carter jerry at
Wed Jul 8 15:52:08 GMT 2009


>> Not entirely true.  There several options like nss-ldapd, the similar
>> overlay in slapd, nscd, etc....
> Maybe nss_ldapd would do the job - but definitely a daemon reading
> keytab file (managed by samba) would be necessary.
> But from what I see nss_ldapd can not read Kerberos keytab (and besides,
> will it go in RHEL?) 

The nssldapd overlay is part of upstream OpenLDAP.  If you
are bound by what's in RHELs then really extending Winbind doesn't
help you much either.

> and nscd only solves caching.....

No.   nscd also solves the problem of calling into nss_ldap
in the user context (i.e. permissions on the system keytab).

I'm just offering suggestions.  Having winbindd deal with
other NIS maps seems a bit out of mainstream IMO.  But it's not
really my call.

cheers, jerry
"What man is a man who does not make the world better?"      --Balian

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url :

More information about the samba-technical mailing list