| wasabi_ | I have no idea. | 12:03 |
|---|---|---|
| wasabi_ | Ya'll are trying to convince us to choose winbind, for very valid reasons. | 12:04 |
| wasabi_ | But of course, it's called 'WINbind' for a very valid reason. | 12:04 |
| abartlet | I'll assert that for sensible values of 'something else', that samba is very likely to be involved anyway | 12:04 |
| wasabi_ | Sure, any any networking involving any windows machine, Samba will be present. | 12:04 |
| abartlet | so, is it worth the effort to design the perfect system, for the network that does not exist? | 12:05 |
| wasabi_ | So, what I'm thinking of, is the pure Unix situation... Unix workstation authing against unix server. | 12:05 |
| wasabi_ | Also a good question. | 12:05 |
| abartlet | do such networks exist, in a scale worth considering these days? Isn't there always one windows desktop, to put a fly in the ointment? | 12:05 |
| wasabi_ | I want to know how far of a stretch is it to think that winbind could be extended to have a AD backend, and a plain kerberos-ldap backend. | 12:05 |
| === ajforgue [i=andrew@conference/ubuntuconf/x-8453dab6b9560f2f] has joined #Ubuntu-Directory | ||
| wasabi_ | And form a real replacement for NSS | 12:05 |
| abartlet | perhaps this is a more interesting line of enquiry: | 12:06 |
| abartlet | design a replacement for the ticket management components of winbindd | 12:06 |
| abartlet | sort of like kcm, I think | 12:06 |
| wasabi_ | I guess my vision is apps would talk to *bind directly. | 12:07 |
| wasabi_ | Avoiding the NSS layer. | 12:07 |
| abartlet | that would be a very poor solution | 12:07 |
| wasabi_ | Why? | 12:07 |
| abartlet | you need the plugin layer, and nss is the best we have | 12:07 |
| abartlet | I liked your idea of extending nss | 12:08 |
| wasabi_ | I think politically that would fall flat on it's face. | 12:09 |
| abartlet | why? | 12:09 |
| wasabi_ | Might be a POSIX issue out there... if we add a 'realm' table. | 12:10 |
| wasabi_ | Or all those new query APIs we would need. | 12:10 |
| wasabi_ | People would choose not to use them, for compatilbity to !linux | 12:10 |
| abartlet | the number of applications that need to use the new API? | 12:11 |
| wasabi_ | The async APIs, I'd hope everything. | 12:11 |
| wasabi_ | UI anyways. | 12:11 |
| abartlet | sure, now you have cut things down *a lot* | 12:11 |
| abartlet | only UI, and I suspect only GUI applications will want/need to use the new API | 12:12 |
| abartlet | in particular, ACL editors are the major case | 12:12 |
| wasabi_ | Yeah, well, I'd hope a "drop down of user lists" changes to a box similar to what's in windows, everywhere it's present. | 12:12 |
| wasabi_ | Which lets you search specific realms, etc. | 12:12 |
| wasabi_ | so you can type somebody's NAME, not just their username. | 12:13 |
| abartlet | it's not present in many places, and is a common GUI element in windows | 12:13 |
| abartlet | for good reason | 12:13 |
| wasabi_ | Sure. They'd be a single shared widget for it. | 12:13 |
| wasabi_ | I dunno. Do you think it'd be easier to build all the cool stuff into NSS, or build out winbind to have backend modules. | 12:15 |
| wasabi_ | And continue to use nss_winbind, just like now. | 12:15 |
| === nkassi_ [n=nkassi@WK20-156.lewisweb.net] has joined #ubuntu-directory | ||
| === nkassi [n=nkassi@WK20-156.lewisweb.net] has joined #ubuntu-directory | ||
| tmh_ | that's destroying the whole idea of NSS. NSS is supposed to be the thing with backends. | 12:22 |
| ajforgue | Is winbind only around to support Linux if the AD admin can't or won't extend the schema to support POSIX fields (SFU, ad4unix)? | 12:33 |
| abartlet | no, it does far more than that | 12:34 |
| wasabi_ | Other things than schema apply. | 12:34 |
| wasabi_ | password changing, host kerberos maintence, etc. | 12:34 |
| abartlet | and it does a far better job than just running nss_ldap on a client node | 12:34 |
| wasabi_ | creating the computer object on join, caching, etc | 12:34 |
| abartlet | we take advantage of the extra feilds, if present | 12:34 |
| wasabi_ | it does site locality stuff now too right? | 12:35 |
| abartlet | yep | 12:35 |
| ajforgue | got it, never used winbind before, I've always extended the schema | 12:35 |
| wasabi_ | It's a large base of logic which we really want, for non-AD, too. | 12:35 |
| === wasabi__ [i=wasabi@conference/ubuntuconf/x-12c062a24fe305ce] has joined #ubuntu-directory | ||
| === nkassi_ [n=nkassi@WK20-156.lewisweb.net] has joined #ubuntu-directory | ||
| === nkassi [n=nkassi@WK20-156.lewisweb.net] has joined #ubuntu-directory | ||
| === nkassi_ [n=nkassi@WK20-156.lewisweb.net] has joined #ubuntu-directory | ||
| === nkassi [n=nkassi@WK20-156.lewisweb.net] has joined #ubuntu-directory | ||
| === nkassi_ [n=nkassi@WK20-156.lewisweb.net] has joined #ubuntu-directory | ||
| === nkassi [n=nkassi@WK20-156.lewisweb.net] has joined #ubuntu-directory | ||
| === wasabi__ [i=wasabi@conference/ubuntuconf/x-17961a374514710a] has joined #ubuntu-directory | ||
| === fernando [n=fernando@unaffiliated/musb] has joined #ubuntu-directory | ||
| === wasabi_ [i=wasabi@ubuntu/member/wasabi] has joined #ubuntu-directory | ||
| Burgundavia | ajmitch: you around? | 03:26 |
| ajmitch | Burgundavia: just back now | 06:55 |
| Burgundavia | ajmitch: put n-a up for disucssion, but I wonder if we can merge n-a and that eudubuntu spec | 06:56 |
| nkassi | Anyone here is an AD expert ? | 06:57 |
| nkassi | or knows AD a bit ? | 06:58 |
| Burgundavia | some, but knowledge is rusty and old | 06:59 |
| Burgundavia | but my, rather | 06:59 |
| ajmitch | Burgundavia: n-a covers more than just the edubuntu stuff though - there's quite a bit of overlap, but n-a covers the pam/winbind/nss stuff as well | 07:00 |
| ajmitch | putting n-a up for discussion may not be useful for the spec scheduler | 07:00 |
| nkassi | Ok, so OpenLDAP has .schema files but AD seems to have schema definitions stored within the directory is that correct ? | 07:01 |
| Burgundavia | ajmitch: you can pulli t off disuccsion then | 07:01 |
| === livingdaylight [n=conrad-l@82-35-48-222.cable.ubr03.camd.blueyonder.co.uk] has joined #ubuntu-directory | ||
| === stelis [n=se@82-71-4-26.dsl.in-addr.zen.co.uk] has left #ubuntu-directory [] | ||
| === fernando [n=fernando@unaffiliated/musb] has joined #ubuntu-directory | ||
| === stelis [n=se@82-71-4-26.dsl.in-addr.zen.co.uk] has joined #ubuntu-directory | ||
| === stelis [n=se@82-71-4-26.dsl.in-addr.zen.co.uk] has left #ubuntu-directory [] | ||
| === robertj [n=rcaskey@cai17.music.uga.edu] has joined #ubuntu-directory | ||
| === SimonAnibal [n=sruiz@66.244.123.100] has joined #ubuntu-directory | ||
| === nkinder [i=nkinder@nat/redhat/x-af6215dbcb996e7d] has joined #ubuntu-directory | ||
| === MagnusR [n=magru@c83-250-59-127.bredband.comhem.se] has joined #ubuntu-directory | ||
| === SimonAnibal [n=sruiz@66.244.123.100] has joined #ubuntu-directory | ||
| === wasabi_ [i=wasabi@ubuntu/member/wasabi] has joined #ubuntu-directory | ||
| wasabi_ | who's here? | 08:13 |
| SimonAnibal | I am | 08:14 |
| === ajmitch is here | ||
| fernando | let'me see... yes, I'm here | 08:14 |
| robertj | I be here | 08:43 |
| === wasabi__ [i=wasabi@conference/ubuntuconf/x-1688f7cfca74fe9e] has joined #ubuntu-directory | ||
| === ajforgue [i=andrew@conference/ubuntuconf/x-184061e6bd5bfe2f] has joined #ubuntu-directory | ||
| === nkassi__ [n=nkassi@mullion.maint.fsu.edu] has joined #ubuntu-directory | ||
| === Fujitsu [n=Fujitsu@ubuntu/member/fujitsu] has joined #ubuntu-directory | ||
| === ajforgue [i=andrew@conference/ubuntuconf/x-7ca783b3584e18e3] has joined #ubuntu-directory | ||
| === wasabi_ [i=wasabi@ubuntu/member/wasabi] has joined #ubuntu-directory | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!