Subtree renames and linked attributes

Stefan (metze) Metzmacher metze at samba.org
Thu Aug 9 07:57:31 GMT 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andrew Bartlett schrieb:
> I've been chasing down a number of bugs been reported against Samba4 by 
> Matthias Wallnöfer <mwallnoefer at yahoo.de>, and these two look like
> issues we need to solve on a broader scale, in ldb:
>  - https://bugzilla.samba.org/show_bug.cgi?id=4838 
>  - https://bugzilla.samba.org/show_bug.cgi?id=4818
> 
> It seems to me that we need a way to rename objects in the LDB, and have
> references to that object (including children) update correctly.
> 
> I'm happy to go off and use the transactions code to rename all children
> (not knowing how that impacts on replication), but how should we cope
> with renames and linked attributes?  
> 
> I suppose we could make all DNs in attributes be stored as GUIDs and
> resolved at search time?

Hi Andrew,

Take a look at the
dsdb_syntax_DN_* and dsdb_syntax_DN_BINARY_* functions in
dsdb/schema/schema_syntax.c and the drsuapi_DsReplicaObjectIdentifier3
and drsuapi_DsReplicaObjectIdentifier3Binary structs in drsuapi.idl.
There's also a DN_STRING syntax, but the default w2k3 schema doesn't
use it, so I wasn't able to write an idl definition for it.

So a DN is really the combination of LDAP-DN, GUID and SID plus optional
binary/string data.
where GUID never change (maybe also the SID, we need to check if
cross-domain renames create a new object with a new GUID).

I think we should store at least the GUID and SID and the optional data.
Then we can decide if we want to store the name too, or if we want to
resolve it at search time from the GUID.

Also note that there're two forms of linked attributes.
The w2k style where only one replication meta data tuple is maintained
and only 5000 values are possible.
And the w2k3 ones where each linked attribute value has it's own meta
data and is replicated separate from the object it belongs too.
Then we need to think about how we want to store the individual values
as they have there own virtual "uSNChanged"/"whenChanged" stamp.

The next problem is how to handle linked attribute backlinks.

Then the next problem is how to handle links to objects which are not
present in any local partition, they need to be imported as phantom
objects and the infrastructure master needs to keep them in sync with
the real objects found via the GC. E.g. the crossRef objects which
represent a directory partition under CN=Partitions,CN=Configuration,...
point to child domains head objects which are not stored on the local
box unless the local box is a GC.

metze
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGusjrm70gjA5TCD8RAv32AKCF1k4wZHz9Losj1gXGDwdWLwIb/gCeM5Zn
lbAro1v1EKrFA5u55MGwBmY=
=iOuU
-----END PGP SIGNATURE-----

More information about the samba-technical mailing list