CVS update: samba/source/passdb
Andrew Bartlett
abartlet at samba.org
Sun Mar 23 13:35:27 EST 2003
On Sun, 2003-03-23 at 06:15, vlendec at samba.org wrote:
>
> Date: Sat Mar 22 19:15:50 2003
> Author: vlendec
>
> Update of /data/cvs/samba/source/passdb
> In directory dp.samba.org:/tmp/cvs-serv4745
>
> Modified Files:
> pdb_ldap.c
> Log Message:
> This changes the way we do LDAP updates. We don't use LDAP_MOD_MODIFY
> anymore, but instead look at what is currently stored in the
> database. Then we explicitly delete the existing attribute and add the
> new value if it is not NULL or "". This way we can handle appearing
> and disappearing attributes quite nicely.
>
> This currently breaks pdbedit -o, as this does not set the CHANGED
> flag on the SAM_ACCOUNT.
The way I handled this last time was to have the test being 'if add,
then treat DEFAULT as CHANGED', but within pdb_ldap. (ie, on the same
line we have the current test)
The idea of getting some transaction security is very nice - I was
thinking we could reduce the traffic on the LDAP server, and assist this
as so:
- When we read a user from LDAP, store the LDAP result and DN into a
void* 'private' pointer on the SAM_ACCOUNT. Also write a tag so we know
it is 'ours'.
- When we go to update that record, we use this rather than a freshly
found record.
- This also saves an LDAP round trip.
- Your changes should ensure that if there is a 'lost update' (ie, of
any of the fields we have changed change under us) that we can return
this to the user.
- We should note that NT4 doesn't do this - they allow lost updates,
but I would like to better MS on this one, until somebody shows me this
breaks something.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-cvs/attachments/20030323/98167cf0/attachment.bin
More information about the samba-cvs
mailing list