On Tue, Sep 24, 2002 at 05:53:20PM +0200, Martin Wilck wrote:
What we discussed so far were user authentification and user/group/hostname lookups. Of course, this is only a small subset of the NETAPI interface.
winbindd itself can do more, for example lookup a user SID on the remote server. Even more functionality would be available by linking directly against the Samba library libsmbclient.so, but we can't do that due to license issues.
Perhaps we should think about an extended winbindd that would follow similar lines as the current Samba winbindd (talk to Unix Apps through a Unix domain socket), but offer even more functionality that isn't implemented in winbind because the information passed by such calls makes no sense to Unix applications.
AFAICS, winbind does not expect applications to pass Unicode strings for user names, domain names, etc., either. Our winbindd replacement would need to be able to handle that, too; otherwise we wouldn't be able to pass Unicode strings from a Windows application to a Windows server without corruption.
The winbindd replacement would need to be GPLd in order to link against Samba libraries.
That way wine would be able to use the existing samba functionality. If we had such a daemon, we could to reconsider the PAM and NSS routes because these probably won't be Unicode aware for some time to come (correct me if I'm wrong).
Er, um... PAM and NSS will *never* be Unicode-aware. There's no reason for either of these APIs to care about the character set of the input values (though individual modules may have reasons to care). And if you mean UCS2-capable, don't expect for that to happen, either: Unix already has a standard Unicode encoding, and it supports all 32-bits of the codepoint space and does so without breaking traditional C string handling, thankyouverymuch.
Regardless, I agree that PAM and NSS are probably not what you're looking for. What you're probably *really* looking for is a complete DCE/RPC implementation for Unix, of the sort that dcerpc.org aims to provide. I know from talking with some of the Samba-TNG developers that they, at least, are eager for Wine to work with them to standardize on a common set of RPC implementations. :)
Of course, we might as well try to convince the Samba team to offer more functionality through winbindd itself, or submit patches for winbindd to them.
Not what winbindd is meant for, really.
Steve Langasek postmodern programmer