> From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED] > > I *really* don't like this. It's fine for a local hack > and probably a good solution in this case, but this will > bit rot in the tree so fast due to its very specific and > non-intuitive nature. > > A better general solution that would apply to more > networks would to allow the username map to be stored > in a directory services such as NIS or LDAP. > > If you want a pull based method, just have a cron job > on each server that rebuilds the file every 10 minutes. > No code changes necessary.
Yes, in my case, I can easily generate a new NIS map, if Samba becomes able to read the mappings from it. And this solution would be perfect in my case. But, I thought that allowing an external program to provide the mappings with its own logic would be a better solution, as it solves a much greater range of cases. Example : - if the information lies outside of NIS or LDAP, I have to add a push mechanism to update NIS or LDAP anytime I change my reference data. Or a cron job, as you suggest :( - if I cannot easily generate a map, for any reason. A rather simple case (just as an example) : if I want to give a Unix mapping to a Windows username only if his corresponding Unix home directory is viewable (through the automounter) from the Samba host. I also could use an external mechanism (maybe another NIS map) to restrict access to the Samba servers in my domain. And there are still many cases where the logic of pushing a plain list cannot be used (without cron jobs, again). In short, I think that the solution of getting the map from NIS or LDAP is a good one, but, if Samba could execute an external script to resolve the mappings, it would be much more general, not so complicated for the users, and easier to implement in the Samba code (and to document). It would also necessitate only one new configuration parameter. Regards François
Ce message et ses pièces jointes (le "message") est destiné à l'usage exclusif de son destinataire. Si vous recevez ce message par erreur, merci d'en aviser immédiatement l'expéditeur et de le détruire ensuite. Le présent message pouvant être altéré à notre insu, CALYON Corporate and Investment Bank ne peut pas être engagé par son contenu. Tous droits réservés. This message and/or any attachments (the "message") is intended for the sole use of its addressee. If you are not the addressee, please immediately notify the sender and then destroy the message. As this message and/or any attachments may have been altered without our knowledge, its content is not legally binding on CALYON Corporate and Investment Bank. All rights reserved.
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
