Re: Winbind - functionality extension needed

Ondrej,

>> Not entirely true.  There several options like nss-ldapd, the similar
>> overlay in slapd, nscd, etc....
>>  
>
> Maybe nss_ldapd would do the job - but definitely a daemon reading
> keytab file (managed by samba) would be necessary.
> But from what I see nss_ldapd can not read Kerberos keytab (and besides,
> will it go in RHEL?)

The nssldapd overlay is part of upstream OpenLDAP.  If you
are bound by what's in RHELs then really extending Winbind doesn't
help you much either.

> and nscd only solves caching.....

No.   nscd also solves the problem of calling into nss_ldap
in the user context (i.e. permissions on the system keytab).

I'm just offering suggestions.  Having winbindd deal with
other NIS maps seems a bit out of mainstream IMO.  But it's not
really my call.





cheers, jerry
--
=====================================================================
http://www.plainjoe.org/
"What man is a man who does not make the world better?"      --Balian