Radically trim down winbind?

Volker Lendecke vl at samba.org
Fri Nov 4 12:19:00 UTC 2016

On Fri, Nov 04, 2016 at 01:12:17PM +0100, Stefan Metzmacher wrote:
> I case we really need, we should have one dedicated winbindd child
> per logged in user, where we do administrative tasks, but using
> the users credentials and not the machine credentials.
> The user would need to do an implicit or explicit wbinfo --pam-logon=
> before. root may use the machine account, but everything should
> still be in a dedicated child, completely isolated from the core
> winbindd logic.

I thought about that. But with cached credentials we could have all of
that logic in user space programs with winbind just taking care of the


More information about the samba-technical mailing list