[sparks-discuss] Active Directory name service module (nss_ad) [PSARC/2008/441 FastTrack timeout 07/18/2008]
Mike Gerdts
mgerdts at gmail.com
Sun Jul 13 17:42:14 PDT 2008
On Sun, Jul 13, 2008 at 6:19 PM, Nicolas Williams
<Nicolas.Williams at sun.com> wrote:
> It is still not wise to name users/groups in AD which might cause
> problems for Solaris or various applications, such as all numeric
> user/group names, names that start with '-', names that contain ':',
> names that contain non-printing or non-ASCII characters, ...
>
> It might be useful to have the name service switch filter or escape such
> names. And it may be nice to setup a convention that the name service
> switch and the backends use UTF-8, or enhance the relevant interfaces to
> specify codesets, and then ensure that getXbyY() callers get names that
> have been converted to their current locales' codesets. But such
> changes to the name service switch and friends are not this case.
Additionally - not part of this case - it would be nice to have a
generic username mapping mechanism. An organization that is looking
to use AD as their naming service is somewhat likely to have chosen
Windows/AD usernames that do not comply with the UNIX view of the
world.
--
Mike Gerdts
http://mgerdts.blogspot.com/
More information about the opensolaris-arc
mailing list