samba4: machine and user accounts
Stefan (metze) Metzmacher
metze at samba.org
Wed May 28 07:10:37 GMT 2008
Mike Wilkinson schrieb:
> Stefan (metze) Metzmacher wrote:
>> It's in the prefixMap attribute,
>> see setup/provision_schema_basedn_modify.ldif.
>>
>> I think we need to autogenerate the base64 encoded
>> based on some plain text source, maybe a simple file
>> like this:
>>
>> 0x00000000:1.2.3.4.1
>> 0x00010000:1.2.3.4.2
>> 0x00020000:1.2.3.4.3
>> ....
>>
>> What we also need is to implement the schema master role
>> completely, so that the schema can we updated at runtime
>> and a new mapping is created, but first we need to write
>> some tests to see how windows handles that.
>>
>> Note the prefixMapping attribute is not exposed via LDAP
>> from windows hosts, the content is only accessable via the
>> DsGetNCChanges() (but not as raw blob how it is stored on the database).
>>
> I've spent hours with gdb trying to work out what the encoding is
> supposed to be, the only thing I can see for sure are the header and the
> last few bytes of the final oid. It seems likely that we can't replace
> AD with samba4 at this point, thanks for any input up to now.
The encoding is defined in source/librpc/idl/drsblobs.idl
look for prefixMapBlob.
And a description of how the mapping works is in
source/librpc/idl/drsuapi.idl see the large comment
above drsuapi_DsReplicaOID.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20080528/e8d44091/signature.bin
More information about the samba-technical
mailing list