your s3-auth branch

Jeremy Allison jra at
Wed Aug 11 11:30:01 MDT 2010

On Wed, Aug 11, 2010 at 02:53:54AM -0600, idra at wrote:
> Because the AD DC case is not the only case we need to support, there is the NT4 style DC,
> the member server, the standalone server and probably more.
> The RPC interfaces are set in stone and we always need to get them right anyway, so using
> them allows us much more flexibility. We can use a samr daemon/implementation in the AD DC
> case and another one in the member server case. And I plan to use yet another implementation
> or something based on the current ldapsam in S3 for my trust-rel work in IPA.
> RPC interfaces makes any of this *much*, *much* simpler, and avoid layering leaks and
> shortcuts that made our code such a mess in the past and we are still fighting to clean
> up.

+1 from me. Having worked on this code (and been responsible for many
of the mistakes mentioned above :-) I would really like to move to the
RPC interface, as a way of simplifying this.


More information about the samba-technical mailing list