Base

2.0.0

u0506

none

none

Thu Mar 9 09:53:34 CET 2006

sbin/authsrv(1.0.0u0507)

sol4 macosx linux hppa hpia64 alpha rs6000 sgi

authentication server AD/PDC groups support

The authentication server does now use group information from an
AD/PDC (Active Directory Server/Primary Domain Controller).
It dynamically maps AD/PDC groups to UNIX group IDs, in the same way
AD/PDC user names are mapped to UNIX user IDs. The mapping of users
and groups is stored in the authsrv cache file
"HELIOSDIR/var/conf/authsrv.cache".

To use the AD/PDC groups the "heliosauthcreate.exe" tool from update
u0508 must be run on the AC/PDC server.

The following new preferences are used by the authentication server:

Programs/authsrv/PDCAuthDir (type str, default "HELIOSAUTH")
Name of the special network share created by "heliosauthcreate.exe".
This preference has to be set only if "heliosauthcreate.exe" was
called with the option "-s <share>" to create a non-default share.

Programs/authsrv/PDCGroupFirstId (type int, default 2000)
Programs/authsrv/PDCGroupLastId (type int, default 2400)
First and last group ID used for dynamical group ID assignment.

Note: The ranges for dynamically assigned user/group IDs must
not overlap with any user/group IDs used on the UNIX system.

Also fixed:
- A member of the printer administration group (PrnAdm) was treated
like a member of the queue administration group (QueueAdm).
- Several memory leaks and stability enhancements.