|
|
On Wednesday 19 September 2007 13:41:48 Andrew Bartlett wrote:
> > What is left to do
> > ------------------
> >
> > * PAC/info3 caching
> > As with NTLM caching, PAC/info3 caching was discarded. Caching is
> > only interesting once the other features are working and will be
> > implemented eventually.
>
> I actually disagree here. This is perhaps the only reliable way to get
> the groups a user is a member of, and should instead be the primary
> method by which this is obtained. There is rumoured to be kerberos
> calls to obtain a PAC for a user (without their password), and we should
> try and support this.
I'm not quite sure if I understand you correctly here. Are you saying that PAC
caching is needed to figure out group membership? I had the impression that
all the caching was doing was to save us another request for the PAC. Or do
you only get a PAC during the log-on?
Cheers,
Kai
--
Kai Blin
WorldForge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
--
Will code for cotton.
|
|