[Samba] Does anybody use idmap_adex?
simo
idra at samba.org
Mon Jun 28 09:29:01 MDT 2010
On Mon, 2010-06-28 at 10:24 -0500, Gerald Carter wrote:
> On 06/28/2010 10:13 AM, simo wrote:
>
> >> There's some confusion here. The idmap_adex() doesn't have
> >> anything to do with Likewise Cells. It's just an rfc2307
> >> idmap module with support for domain trusts. The comments
> >> in the code are misleading only because it was derived from
> >> my original code at Likewise.
> >>
> >> That said, if no one is using it, my suggestion is to remove
> >> it on the basis that it is currently unmaintained.
> >
> > Jerry, are there other modules that would allow us to do one way trust
> > while keeping info on AD ?
>
> Hey Simo,
>
> The idmap_adex trust support was for cross-forest transitive
> trusts.
>
> You can't do one-way trusts like this anyways (neither does
> idmap_adex). The one-way trust support is (was) in winbindd
> core code and made use of the rpc SID/Name translation.
> You just can't obtain any attribute information from the
> wrong side on a one-way trust.
Ok, for some reason I thought information was maintained on your side of
the trust using the cells.
If that's not the case and adex does not provide any additional feature
then I will let you and Volker decide what to do with this module.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
More information about the samba
mailing list