CVS update: samba/source/nsswitch
Andrew Bartlett
abartlet at samba.org
Mon Jun 23 05:41:31 GMT 2003
On Mon, 2003-06-23 at 15:10, jerry at samba.org wrote:
>
> Date: Mon Jun 23 05:10:08 2003
> Author: jerry
>
> Update of /data/cvs/samba/source/nsswitch
> In directory dp.samba.org:/tmp/cvs-serv18612/nsswitch
>
> Modified Files:
> Tag: SAMBA_3_0
> winbindd_ads.c winbindd_cache.c winbindd_group.c
> winbindd_rpc.c
> Log Message:
> * set domain->last_status = NT_STATUS_SERVER_DISABLED on an ads_connect() failure
> * Fix code to use winbind_rpc methods for trusted mixed mode or NT4 domains
> ( does no one ever test this? )
> * add in LDAP code to get the sequence number for rpc based seqnum update.
> ( this is needed if the DC is upgraded and samba is not reconfigured
> to use security = ads; it's not pretty but it works (from app_head) )
I really think we should get rid of 'security=ads'. Is there any good
reason to keep it?
I think we can get just as much info from run-time detection, and
storing some extra magic in secrets.tdb. (Like our principal name).
This, along with a 'server role' switch (with options of 'STANDALONE',
'DOMAIN MEMBER', 'PDC', 'BDC') would greatly reduce user confusion.
(Users could then specify 'security=server' or 'security=share' to get
the different sub-modes they want).
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030623/69c2acb6/attachment.bin
More information about the samba-technical
mailing list