On Sun, 2002-10-13 at 15:13, Stefan (metze) Metzmacher wrote: > I think idmap is the right place. we should move it from nsswitch to an own > directory and make it plugable. (See Roadmap of 3_0: it is needed)
I'm not sure we need it to be pluggable, please explain the benefits. > And let it map sid -> u/gids and u/gids -> sid. > > Maybe let it hold two contexts: why?? > 1. for all trusted domains (and our domain if we are a member server) > uses > winbind uid = > winbind gid = > > to export mapping to unix (nss_winbind) and samba > > 2. for our local sam (witch is also the domain sam if we are a DC) > uses > idmap uid = > idmap gid = > > to export mappings to samba (and maybe later also to unix via winbind) Makes no sense, we need only a single idmap that handles all sid->[u,g]id [u,g]id->sid, splitting it into pieces is the most wrong thing we may do. Simo. -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399
signature.asc
Description: This is a digitally signed message part
