[PATCHES RESEND] idmap_rfc2307 module
Christian Ambach
ambi at samba.org
Tue Sep 18 19:34:36 MDT 2012
On 08/29/2012 02:41 PM, Andrew Bartlett wrote:
> Now, a real-world site trumps theoretical objections, and this module
> has a specialist role in an environment that is more strictly user/group
> delineated, but I wanted to explain my reasoning so you could see if
> there is any other way you could avoid embedding such a delineation
> while finding only the 'right' users.
Think of this module as a pimped version of idmap_ad that has the same
restrictions, but to make it work with the enhanced concepts of
sidhistory and groups owning files, SFU (or any other directory storing
rfc2307 records) would have to be enhanced as well to cope with that
approach. So long it must be acceptable as inherit restriction that
using these modules will result in the same restrictions that Samba <
4.0 always had.
As I couldn't find anything else in the patches I would dislike, I would
have pushed them now, but they do not apply to master anymore.
Christof, would you please provide an updated patchset?
And please make sure the module gets built by default (as long as the
prereqs were found during configure time) so we do not accidentally
break it in the future.
Cheers,
Christian
More information about the samba-technical
mailing list