Reasoning for auth_samba4.c
Volker Lendecke
Volker.Lendecke at SerNet.DE
Mon Dec 2 02:12:47 MST 2013
On Fri, Nov 29, 2013 at 06:20:26PM +0100, Volker Lendecke wrote:
> On Sat, Nov 30, 2013 at 06:04:56AM +1300, Andrew Bartlett wrote:
> > On Fri, 2013-11-29 at 10:01 +0100, Volker Lendecke wrote:
> > > Hi, Andrew!
> >
> > > In the past I've put
> > > quite significant effort to get rid of procid_self. I would
> > > like to completely remove this and always go via
> > > messaging_server_id. Via new_server_id_task we acquired a
> > > new call to procid_self, which is a new stumbling block for
> > > removal of that routine. So I would like to know about the
> > > reasons why this is strictly necessary in the current setup.
> >
> > It provides a deterministic client-side address for the imessaging
> > library to use, rather than the previous approach of selecting a random
> > number.
>
> True. But this does not really answer my question: If we did
> this via a NETLOGON call over a unix domain socket, wouldn't
> that also work? For that we also have very elaborate
> infrastructure available and don't need imessaging in this
> place.
>
> The question was -- what does the gensec call via imessaging
> gain us in this particular place? Don't get me wrong, I
> kindof got over my objections against gensec. It might have
> its place, and we will use it more and more. It's the
> particular use of it in auth_samba4 that I would like to
> understand the reasoning for.
Can I take your silence as consent that you would not object
to replacing auth_samba4 with something that uses a NETLOGON
connection?
Thanks,
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical
mailing list