[PATCH] Allow winbindd to be run in the AD DC
Andrew Bartlett
abartlet at samba.org
Sun May 4 21:50:59 MDT 2014
On Tue, 2014-04-29 at 03:05 +0200, Kamen Mazdrashki wrote:
> Hi Andrew,
>
>
> On Mon, Apr 28, 2014 at 10:08 PM, Andrew Bartlett <abartlet at samba.org>wrote:
>
> >
> > On Mon, 2014-04-14 at 16:05 +1200, Andrew Bartlett wrote:
> > > On Wed, 2014-04-09 at 15:37 +1200, Andrew Bartlett wrote:
> > > > My testing is going surprisingly well, and the full branch can be seen
> > > > here:
> > > >
> > > >
> > http://git.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/ad-dc-winbindd
> > > >
> > > > Attached is a patch to allow winbindd to be launched just as smbd is,
> > by
> > > > the samba process. As well as matching my proposed deployment pattern,
> > > > it allows testing by simply changing the smb.conf configuration or
> > > > defaults.
> > > >
> > > > More broadly with this and the other patches I've sent or in the link
> > > > above, the passdb_samba_dsdb module is doing the hard work in the
> > merged
> > > > winbindd, providing access to the users and groups, and most critically
> > > > to the idmap database.
> > > >
> > > > Currently we run the source3 RPC servers, not the source4 servers as
> > the
> > > > code to use the RPC pipes does not appear to be being invoked from
> > > > winbindd.
> > > >
> > > > Even so, while we don't have a lot of tests for winbind, much of what
> > we
> > > > do have does pass, and I would be very interested in seeing how this
> > > > works for others.
> > >
> > > Any comments on my patch, my approach or why the named pipe forwarding
> > > doesn't work for the winbindd code?
> > >
> > > It has been long said that making the AD DC use winbindd is a important
> > > task and a blocker for some users, so I'm curious to know if anyone else
> > > is interested on working with me on this, or at least testing out the
> > > WIP branch.
> >
> > Can I at least have this patch, to allow 'samba' to start winbindd as a
> > service reviewed? It mirrors the approach used for smbd.
> >
> >
> http://git.samba.org/?p=abartlet/samba.git/.git;a=commitdiff;h=8cb7032d32ca60e2cd5e5bb817a0571c90db527e
> http://git.samba.org/?p=abartlet/samba.git/.git;a=commitdiff;h=63620e7a0b6c7854329f49d618a29614993dcfd5
> http://git.samba.org/?p=abartlet/samba.git/.git;a=commitdiff;h=5bffaf37a806024f76eaca525ef0f1100943341a
>
> ^^^ Reviewed-by: Kamen Mazdrashki <kamenim at samba.org>
>
> Rest of the patches I don't quite understand and can't review atm :(
Can I please have these remaining patches reviewed.
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-passdb-Allow-a-passdb-module-to-do-idmap-for-everyth.patch
Type: text/x-patch
Size: 5360 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140505/098542b9/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-s3-winbindd-Honour-pdb_is_responsible_for_everything.patch
Type: text/x-patch
Size: 1585 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140505/098542b9/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-winbindd-Remove-pointless-if-statement.patch
Type: text/x-patch
Size: 1950 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140505/098542b9/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0004-s3-rpc_server-Give-log-messages-on-failure.patch
Type: text/x-patch
Size: 1243 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140505/098542b9/attachment-0003.bin>
More information about the samba-technical
mailing list