On Tue, 2013-07-23 at 14:20 +0100, Rowland Penny wrote: > OK, the documentation is better but people still get it wrong probably > because it is more complex than it needs to be, I personally find it > easier to set sssd up, but that is just me. > > Why use a word like orthogonal?, just who knows what orthogonal means, > I have only being speaking english for 56 years and have never used > that word in a sentence, just say what you mean and do not hide behind > gobbledy-gook.
Orthogonal is a single word, is precise and describes what is required exactly. It has been in my vocabulary for approaching 30 years. None overlapping range is three words and more characters as well. I was not aware that Newspeak was now a requirement for posting on this list. > > From what I can see the BUILTIN uids come from windows (and are called > SID's) and there they are set in stone. > The SID's are set in stone, they have no UID's set in stone. Winbind to work allocates a UID to them in it's allocatable (usually local) database. There must be no conflicts between these allocated UID's and the UID's in the domain, hence the requirement that the ranges given to winbind be orthogonal. > from the sssd-1.9.0 announcement > > - Add a new PAC responder for dealing with cross-realm Kerberos > trusts Well that's relatively new (aka less than a year old). I guess not that many enterprise distributions will carry it (though RHEL 6.4 does). What gets me is people claiming that half a dozen lines of configuration in smb.conf is more complicated than 30+ lines of configuration in an entirely separate configuration file in addition to several lines in smb.conf. It might be more performant, it might have fewer bugs etc. but it is absolutely not simpler to configure. JAB. -- Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk Fife, United Kingdom. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
