On Tue, 2007-09-04 at 12:39 -0500, Gerald (Jerry) Carter wrote:
> Your service may implement a similar features but
> it does not appear to be a replacement for Winbind.
Exactly, I have no interest in re-doing what works well.
> So I don't see any need to continue an abstract
> discussion. Looks to me that FreeIPA is doing providing
> a different service. You only want to piggy back off
> of Winbind's infrastructure.
Yep, but this is a separate discussion, I will come back on to this
> > Perhaps by mechanism you mean something different from
> > what I mean.
> Frequently the discussion of policy vs. mechanism is used to
> discuss device drivers in the kernel. But the same applies
> to Code Reuse as mentioned here:
Ok I see what you mean but this doesn't seem to change much the
discussion, actuallyit argues for more unification of affine mechanisms.
Not PAM but ntlm_auth as well as other authentication services may want
to use a common policy, so doing checks inside winbindd would make the
whole lot consistent instead of forcing developers to re-implement the
same stuff again and again. But we disagree on this point, so I will not
argue about it until I have some more concrete examples and numbers.
Samba Team GPL Compliance Officer