selftest: re-enable nss_winbind via nss_wrapper in the test-envs.
Michael Adam
obnox at samba.org
Thu Feb 19 08:44:59 MST 2015
On 2015-02-19 at 14:53 +0100, Stefan (metze) Metzmacher wrote:
> Am 19.02.2015 um 12:55 schrieb Michael Adam:
> > On 2015-02-19 at 12:46 +0100, Björn JACKE wrote:
> >> On 2015-02-19 at 12:04 +0100 Michael Adam sent off:
> >>> This is not a matter of unresolved uids.
> >>
> >> actually this is the only drawback you have in this setup. So this is the only
> >> matter you might have ;)
> >
> > No. id mapping should still work, because winbindd is running
> > and smbd is talking to it. What does not work is nss for the
> > domain users, and smbd does rely on that.
>
> Where?
Example:
source3/auth/auth_samba4.c:
auth_methods->auth = check_samba4_security
check_samba4_security
-> make_server_info_info3
-> check_account
-> smb_getpwnam
-> Get_Pwnam_alloc
-> Get_Pwnam_internals
-> getpwnam_alloc_cached
-> getpwnam
I did not observe a problem (but I also never ran
samba without nss_winbindd). But I see this potentially
problematic code paths (and there ar more).
> What do you mean by "domain users" exactly?
User objects of (our) AD.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150219/84b97fb7/attachment.pgp>
More information about the samba-technical
mailing list