DM and ''offline'' PAM (and NSS?)...

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

DM and ''offline'' PAM (and NSS?)...

Samba - General mailing list

I'm using samba 4.5 on a debian jessie (Louis packages).

Rarely it happen that a power outgage tear down all the stuff, here.
I've noticed that if the DM start before the DC, clearly all account
data are inaccessible.

To prevent or minimize that, the ''offline mode'' of winbind can be
safely used also on DM servers? Or is tailoread against roaming client
(portables, ...)?
What benefit and/or drawbacks?

I've seen:

and seems clear to me. but still... some question:

a) there's no info about the persistence of the cache; so seems to me
 that the cache are ''persistent'', eg data are kept indefinitely and
updated only on successful logons against the DC. Right?

b) the doc speaks about ''passwords'' (PAM) but not mention at all
 ''account'' (eg, NSS); seems to me obvious that all stuff (password
and account) get cached; really, in a server i need more the latter
then the former...

c) also password expiration data are cached? Seems to me ''no'',
 because in this way also the policy (eg, 'samba-tool domain
passwordsettings') have to be cached...


dott. Marco Gaiarin        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)   t +39-0434-842711   f +39-0434-842797

                Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
        (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

To unsubscribe from this list go to the following URL and read the