[Samba] "winbind enum = yes" ... oreilly samba books says "turn off" ... but things break. confused :-(

Gerald (Jerry) Carter jerry at samba.org
Wed Aug 15 20:41:54 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wilkinson, Alex wrote:
> Hi all,
> 
> In the Oreilly "Using Samba" book pg 292 it is recommended 
> to turn off Winbindd(8) user and group enumeration (very
> expensive operation). However, when doing this on
> FreeBSD -CURRENT the groups that users are in are not recognised.
> 
> When I enable user and group enumeration group 
> permissions work (at least for the first 16 groups)
> i.e. via chown(1).
> 
> So my  question is: From peoples' experience what 
> do you do ? Turn "enum" on or off ? And do you experience
> the same problem I do ? Or is this just a FreeBSD issue ?

If this is true, then it is a really bad design in
FreeBSD.  Timur, can you confirm this?  Does FreeBSD
rely on set/get/endgrent to to get group memberships?




cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGw2USIR7qMdg1EfYRAvtbAJwLOdTiaHEZ5K/mPtQM+hbWl2YYCwCgrbaY
H/tswsQvQKiIucK3xPlZHNc=
=8UGD
-----END PGP SIGNATURE-----


More information about the samba mailing list