Simo Sorce wrote: > > On Sun, 2002-10-13 at 15:40, Andrew Bartlett wrote: > > Yep, that sounds worthwhile. We could even just make it a timeout - and > > finally put gencache to use :-). (mimir's generalised tdb cache). > > We do **not** need timeouts! > remember that sid->uid mapping is written in stone, once you have done > it it cannot be changed _ever_.
Well I've got a funny feeling sombody will change these - and I can think it would be a really nasty thing to track down for the admin. Re-polling the server doesn't cost us much, but this is a minor matter. > > > But to use ldap as a central storage you have to solve how to handle > > > foreign or builtin/special SIDs! > > > > Well, I was only looking at mapping our own domain - I was thinking the > > rest should happend via winbind. However, it does make more sense that > > this is all handled in one place. I think we can deal with this. > > if you want it to be fast, better it stay in one place. Fine by me. -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net