Re: password API needed

Jeremy Allison (jallison@whistle.com)
Tue, 19 May 1998 11:21:44 -0700

Date:	Tue, 19 May 1998 11:21:44 -0700
From:	Jeremy Allison <jallison@whistle.com>
To:	lkcl@switchboard.net
Subject: Re: password API needed

Luke Kenneth Casson Leighton wrote:
>
> ok: i've just added code that allows "optional" support for get/add/mod -
> smb_passwd or sam_passwd functions. there are three get, one add and one
> mod set of smb and sam21 functions.
>
> if neither are supported by the back-end password database, a run-time
> warning is generated.
>

I'm getting Luke to fix this - for the reasons I posted
yesterday. There should be no null entries in the vector
table.

He is going to put this back as it was :-).

> i also reverted some code that immediately converts rids to unix uids,
> inside the lib/rpc code. i do not believe that this is a good idea: it
> places a restriction on all password database systems that there must
> exist a monotonic mapping of unix uids to nt user rids, in order to do
> proper lookups by rid (which is unique).
>

My opinion is that this mapping *has* to exist
for a password database to function in a UNIX
environment.

> the limitation (restriction) inherent in one password database system,
> because it does not support rids and has to use pdb_user_rid_to_uid()
> should not be imposed on the samba domains code, in my opinion.
>

This is still a hotly contested issue. We've had
'discussions' on this :-). We've decided to leave
in the lookup by rid code for now - but I still want
it gone from the tree :-) :-).

Jeremy.

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------