Mandi! SATOH Fumiyasu
  In chel di` si favelave...

> > 9000_gaio_smbldap-passwd.patch:
> >  + as stated, fix the incompatibility with samba 3.2 in lenny
> Fixed in smbldap-tools 0.9.5.

Ok.


> > 9001_gaio_smbldap-useraccess.patch:
> >  + new script
> What are the use cases for this script?

As just (briefly) stated on my post, i use this as a 'root preexec'
script in [netlogon] share to update the samba Logon Time; the italian
privacy law speaks about logon time when prescribing password and
account expiration... clearly if i've changed password i've done a
implicit logon, so technically this script is the less meaningful...
but was my first script of the series, consider it an exercise (and,
really, does not harm at all ;-).


> > 9002_gaio_smbldap-useradd.patch:
> >  + fix incompatibility with samba 3.2
> Fixed in smbldap-tools 0.9.5.

Ok.


> >  + fix -T opton
> Where is the changes in 9002_gaio_smbldap-useradd.patch
> for fix? I could not find it...

in:

 @@ -402,7 +404,12 @@
      push(@adds, 'mail' => [ @mail ]);
  }
  if (@userMailTo) {
 -    push(@adds, 'mailRoutingAddress' => [ @userMailTo ]);
 +    my $suserMailTo = join(',', @userMailTo);
 +    if (defined($Options{'W'})) {
 +      my $localtime = time/86400;
 +      $suserMailTo = $suserMailTo . ':' . int($localtime + $Options{'W'});
 +    }
 +    push(@adds, 'mailRoutingAddress' => $suserMailTo );
  }
  if (@userMailLocal || @userMailTo) {
      push(@adds, 'objectClass' => 'inetLocalMailRecipient');
 @@ -429,10 +436,10 @@

clearly the 'if (defined($Options{'W'})) {}' is my -W hack. ;-)))


> >  + add -W option (email expiration hack)
> This is for your site local-purpose patch.
> Right?

Right. More on later.


> > 9003_gaio_smbldap-userexpire.patch:
> >  + new script
> Interesting. But this script has your site-local purpose hack!

Oh, yes. But if the script is useful, as a first solution simply remove
my hack! ;-)))
Simply remove the block under '# redirection expiring' (and relative variables
definitions and so on...)


> > 9005_gaio_smbldap-userwarn.patch
> >  + new script
> Interesting. 

Thanks. ;)
Indeed you have to remove my ''email hack'' also from here...

Clearly for smbldap-userexpire and -userwarn i've also built some bash
script that scan user base, execute on every account the script and catch
error codes, eventually doing some action (for me, send email).


For my '-W' hack... really it is an hack, i admit, but really i don't
know how to implement in a correct way...

I simply need a way to ''expire'' user redirection to external email
address, to prevent generically ''data leakage'' but also to prevent
backscattering (people ask a redirection on home address, then change
internet service provider, ...).

inetLocalMailRecipient object class does not have a ''time-like''
field; i've looked around for an objectclass that can be used (or
abused) for this, finding no one.

Extending a standard objectclass like inetLocalMailRecipient is a
no-options, building an objectclass on my own was out of my knowledge...
another option could be use an extensibleObject OC to insert a custom
field...


Really i've no knowledge of the better solution (or the last kludgy one
;), so i've simply (having totally the control of MTA) i've implemented
this one.


If someone have some better hint... i can try to reimplement it.
The point is that *I* *NEED* email forward expiration, so in some way
i've to impement. ;-)

-- 
dott. Marco Gaiarin                                 GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''                http://www.sv.lnf.it/
  Polo FVG  -  Via della Bontà, 7 - 33078  -  San Vito al Tagliamento (PN)
  marco.gaiarin(at)sv.lnf.it      tel +39-0434-842711  fax +39-0434-842797

                Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
           http://www.lanostrafamiglia.it/chi_siamo/5xmille.php
        (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

_______________________________________________
Smbldap-tools-tech mailing list
[email protected]
https://mail.gna.org/listinfo/smbldap-tools-tech

Reply via email to