Re: Winbind - functionality

Subject:	Re: Winbind - functionality
From:	Ondrej Valousek
Date:	Wed, 22 Jul 2009 11:05:45 +0200

If the problem was so easy that a simple nss_ldap invocation handled it
properly, we would not have 'wasted' so much time on winbind.  It was
developed for a very real reason.

I agree with Andrew here - nss-ldap is a piece of crap for 2 reasons:
- the whole ldap library is loaded with every NSS library call
- no caching

- called in the user context, so can not use machine credentials toaccess AD

- extra configuration needed

All these problems are hopefully to be solved with the upcomingnss-ldapd but it is not stable enough yet. So I vote for winbind, too.The only problem with winbind is (as I already mentioned) limited systemdatabases support (to passwd and group)...

<Prev in Thread]	Current Thread	[Next in Thread>
Winbind - functionality extension needed&In-Reply-To=4A54AF7C.7020604@xxxxxxxxxx, MICHAEL BROWN Re: Winbind - functionality extension needed&In-Reply-To=4A54AF7C.7020604@xxxxxxxxxx, Andrew Bartlett Re: Winbind - functionality, MICHAEL BROWN Re: Winbind - functionality, Andrew Bartlett Re: Winbind - functionality, Ondrej Valousek <= Re: Winbind - functionality, MICHAEL BROWN Re: Winbind - functionality, Ondrej Valousek Re: Winbind - functionality, MICHAEL BROWN Re: Winbind - functionality, MICHAEL BROWN

Previous by Date:	Re: Winbind - functionality, Andrew Bartlett
Next by Date:	Re: Winbind - functionality, MICHAEL BROWN
Previous by Thread:	Re: Winbind - functionality, Andrew Bartlett
Next by Thread:	Re: Winbind - functionality, MICHAEL BROWN
Indexes:	[Date] [Thread] [Top] [All Lists]