Web lists-archives.com

Re: [Samba] Winbind, cached logons and 'user persistency'...




On Fri, 25 Jan 2019 16:32:56 +0100
Marco Gaiarin via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Mandi! L.P.H. van Belle via samba
>   In chel di` si favelave...
> 
> I come back in this thread, sorry.
> 
> > Maybe https://wiki.debian.org/LDAP/NSS  is a better solution for
> > the mailserver.
> 
> Probably better use directly LDAP info with native MTA tools also,
> skipping NSS at all.
> 
> 
> > But personaly, the mail server should have replied with a better
> > NDR. Like : 4.4.1 The recipient’s server is not responding, so
> > something like that. 
> 
> Again... it is my configuration that reply generically; this is
> intended to prevent dictionary attack against the SMTP server.
> 
> 
> About 'winbind cache time' (default 5 minutes) seems effectively the
> parameter to tackle with, but still a thing does not seems clear to
> me: if i enable 'offline logons', i can have cached credentials.
> 
> But how does it make sense to have cached credential if there's no
> cached user data (NSS)?
> 
> 
> Strictly speaking, why winbind cache ''PAM'' data and not ''NSS'' one
> (seems to me)?
> 

The problem is (for myself anyway), I do not understand the difference
between 'PAM' and 'NSS' data. What does your exim mailserver expect to
find ?
What data does it need ?

Rowland
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba