Usability of 'samba-tool domain provision'
Rowland Penny
repenny241155 at gmail.com
Thu Jun 2 19:44:31 UTC 2016
On 02/06/16 20:21, Andrew Bartlett wrote:
> On Thu, 2016-06-02 at 15:19 +0100, Rowland Penny wrote:
>> On 02/06/16 14:02, Andrew Bartlett wrote:
>>> On Thu, 2016-06-02 at 12:28 +0100, Rowland Penny wrote:
>>>> Ok, before I alter my patches, can you confirm, it is just the
>>>> change
>>>> of
>>>> 'realm' & 'domain' from options to args, you are against, or is
>>>> there
>>>> anything else ?
>>> The user should not be prompted about use_xattrs. In fact, just to
>>> demonstrate that Samba development is always an art both of knowing
>>> the
>>> rules and of knowing when not to apply them, I would argue we
>>> should
>>> actually drop the --use-xattrs option, or at least hide it.
>>>
>>> https://git.samba.org/?p=asn/samba.git;a=commitdiff;h=4ee1d4b209a1e
>>> 11f2
>>> b62087e09d9f221d85bd137
>> If I understand you correctly, don't ask about 'use_xattrs', remove
>> the
>> option and set 'use_xattrs' to 'auto'.
> Yes, remove it from interactive, setting to auto.
>
> Then add "(deprecated)" to the help text for --use-xattrs, so we can
> get rid of it in another release cycle (our standard is to give one
> release of notice for these things).
OK, will do.
>
>>> For the password check, I would prefer if we re-used the same
>>> complexity check as the DB will use, perhaps by adding a python
>>> binding
>>> to the C function in use. Otherwise I fear the two will diverge,
>>> and
>>> just cause further confusion.
>>>
>>> https://git.samba.org/?p=asn/samba.git;a=commitdiff;h=f56bb2c2edbc7
>>> c0ad
>>> 406d642f2de2f09a25b85b2
>>>
>> Ah, here again, this is something I have never done, which 'C'
>> function
>> are you referring to ? and is there anything in samba-tool that
>> already
>> does something similar, that I can examine for clues :-)
> Sadly no, and creating new C bindings isn't trivial either. I realise
> this is harder, but I would still prefer it was done right.
I did some investigation into this and I think it is going take me some
time to get my head around it, so I will remove the password patch until
such time as I get can get it to work :-)
I will post a new set of patches as soon as possible.
Rowland
>
> The C fuction is samdb_check_password() in source4/dsdb/common/util.c
> and the bindings for this kind of thing are via source4/dsdb/pydsdb.c
> via python/samba/samdb.py.
>
> Andrew Bartlett
>
More information about the samba-technical
mailing list