On Sun, Nov 06, 2005 at 09:17:21AM +0100, Christian Perrier wrote: > > How about adding this to the init script then?:
> > if [ "`testparm -s --parameter-name='domain logons' 2>/dev/null`" = "No" ] \ > > && [ "`testparm -s --parameter-name='security' 2>/dev/null`" != "DOMAIN" > > ] > > then > > exit 0 > > fi > I'm not completely sure that using winbindd is limited to > "security=domain". I have no experience of "security=ads" for > instance. Same for "security=server". True enough, I forgot that it would need to support security=ads as well. (security=server is a kludge, though, and I'd be fine with not supporting it all -- and I particularly think we don't need to be supporting winbind in that config, since if it *did* work, it would be a security risk.) I talked to Andrew Bartlett on IRC briefly about this, and am convinced that the right solution is to fix winbindd so that it exits with a specific error code in situations when it shouldn't be running. That spares us trying to do string comparisons that rely on the output of testparm. I'll bring this up for discussion on the samba-technical list. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature
