s4 winbind add some rpc does it worth it ?
Matthieu Patou
mat+Informatique.Samba at matws.net
Tue Mar 2 11:57:41 MST 2010
Hello,
The title of my email says mostly all, as some of you have heard I'm
working on winbind in s4 because I need it (I'm getting bored of
3000007 groups, ...).
So far the job was pretty easy, and I expect that the result worth the
time I invested even if with couple of month this code will be useless
because s4 should be able to use s3 winbind or will ship with s3 winbind.
Now I find that the groups returned are not complete because the rpc
call that is used well is specified not to return all the group (not to
name the case of groups of groups) it is samr_GetGroupsForUser
even with the help of GetAliasMembership I still miss a kind of groups
(universal ones).
A look at s3 way of doing things showed me the solutions: tokenGroups
(not implemented yet in s4) and a fallback to LDAP request on
member/memberof (so at least we can have all the groups).
That means a new rpc (I think) in s4 winbind which is a bit of work (and
tests).
Maybe it worthless ? how soon do we plan to do the S3 winbind move ?
Any comment on this will be greatly appreciated.
Matthieu.
More information about the samba-technical
mailing list