Re: configuration, ldap and NetInfo

Luke Kenneth Casson Leighton (lkcl@regent.push.net)
Thu, 16 Apr 1998 23:17:06 +0000 (GMT)

Date:	Thu, 16 Apr 1998 23:17:06 +0000 (GMT)
From:	Luke Kenneth Casson Leighton <lkcl@regent.push.net>
To:	Jean-Francois Micouleau <Jean-Francois.Micouleau@utc.fr>
Subject: Re: configuration, ldap and NetInfo
In-Reply-To: <Pine.OSF.3.95.980416184122.23879B-100000@kappa.utc.fr>

> I like that ! Currently I hacked up samba that if it doesn't find the user
> in the ldap base it falls back to standard method (etc/passwd and
> smbpasswd)

jf, that's... _almost_ like a "Domain User" and "local user" system,
where "Domain Users" are in the ldap database, and "local users" are in
the passwd/smbpasswd file.

my preference is that this does not occur, but that this occurs instead:

- the etc/passwd/smbpasswd should be a "cache" of the authoritative list
on the ldap (or other) server

if you do not have _access_ to the ldap (or other) server, then you fall
back to the etc/passwd/smbpasswd method.

if you _do_ have access to the ldap (or other) server, then you do _not_
then look up in the etc/passwd/smbpasswd file, but overwrite the entries
in the etc/passwd/smbpasswd file with those downloaded from the ldap (or
other) server.

> > allows specifying an order of lookups. Of course, real databases such as
> > NetInfo (ldap?) would retrieve even this from the database, not from a
> > file.
>
> isn't it a chicken and eggs problem ? :-)
>
> If the members of this list are interrested, I can send a mail to explain
> why ldap can be a good thing (tm) for samba.

oo, oo! yes please!

luke