samba4: machine and user accounts
Andrew Bartlett
abartlet at samba.org
Wed May 28 02:49:08 GMT 2008
On Tue, 2008-05-27 at 21:14 -0400, Mike Wilkinson wrote:
> Stefan (metze) Metzmacher wrote:
> > It's in the prefixMap attribute,
> > see setup/provision_schema_basedn_modify.ldif.
> >
> > I think we need to autogenerate the base64 encoded
> > based on some plain text source, maybe a simple file
> > like this:
> >
> > 0x00000000:1.2.3.4.1
> > 0x00010000:1.2.3.4.2
> > 0x00020000:1.2.3.4.3
> > ....
> >
> > What we also need is to implement the schema master role
> > completely, so that the schema can we updated at runtime
> > and a new mapping is created, but first we need to write
> > some tests to see how windows handles that.
> >
> > Note the prefixMapping attribute is not exposed via LDAP
> > from windows hosts, the content is only accessable via the
> > DsGetNCChanges() (but not as raw blob how it is stored on the database).
> >
> I've spent hours with gdb trying to work out what the encoding is
> supposed to be
It is described in drsblobs.idl
Given that the table is not accessible from windows, I am at a loss as
to why Metze chose a binary encoding. Even so, building a text
import/export system (along the lines of the one used for security
descriptors and SIDs, both of which are also binary) should not be
difficult.
> , the only thing I can see for sure are the header and the
> last few bytes of the final oid. It seems likely that we can't replace
> AD with samba4 at this point, thanks for any input up to now.
I'm sorry we have not been able to make this work for you in the
timeframe required. If you wish to try this again in future, we would
very much appriciate the chance to assist, as it is real world
deployments that will make Samba4 stronger.
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080528/fa8dd783/attachment.bin
More information about the samba-technical
mailing list