4: Windows nsswitch Module
Winbind is an nsswitch module that, using an integrated
specialist implentation of a SURS mapping,
maps a Windows NT Domain environment into a Unix Environment.
A winbind-enabled Unix system can have users, groups and aliases
from a Windows NT Domain appear as local Unix users and groups.
Winbind also has a pam module (pam_winbind) that, along with
winbindd, at last solves the Holy Grail of a mixed Unix
and Windows NT Domain Environment: Single Sign-on.
TODO: expand this
Understanding how to correctly map between the Unix and Windows
NT security models, and narrowing down the best possible places
to perform this mapping has taken an extraordinarily long
time to crystallise. This has resulted in SURS
http://cb1.com/~lkcl/cifs/draft-lkcl-sidtouidmap-01.txt and a
first practical, if specifically targetted, implementation of
SURS in Winbind (cite winbind ref).
4.1: Winbind's SURS algorithm
4.2: Winbindd - Winbind Daemon
4.3: pam_winbind