CVS update: samba/source/passdb

Andrew Bartlett abartlet at samba.org
Sun Mar 23 13:35:27 EST 2003 

On Sun, 2003-03-23 at 06:15, vlendec at samba.org wrote:
> 
> Date:	Sat Mar 22 19:15:50 2003
> Author:	vlendec
> 
> Update of /data/cvs/samba/source/passdb
> In directory dp.samba.org:/tmp/cvs-serv4745
> 
> Modified Files:
> 	pdb_ldap.c 
> Log Message:
> This changes the way we do LDAP updates. We don't use LDAP_MOD_MODIFY
> anymore, but instead look at what is currently stored in the
> database. Then we explicitly delete the existing attribute and add the
> new value if it is not NULL or "". This way we can handle appearing
> and disappearing attributes quite nicely.
> 
> This currently breaks pdbedit -o, as this does not set the CHANGED
> flag on the SAM_ACCOUNT. 

The way I handled this last time was to have the test being 'if add,
then treat DEFAULT as CHANGED', but within pdb_ldap.   (ie, on the same
line we have the current test)

The idea of getting some transaction security is very nice - I was
thinking we could reduce the traffic on the LDAP server, and assist this
as so:

 - When we read a user from LDAP, store the LDAP result and DN into a
void* 'private' pointer on the SAM_ACCOUNT.  Also write a tag so we know
it is 'ours'.

 - When we go to update that record, we use this rather than a freshly
found record.
 - This also saves an LDAP round trip.
 
 - Your changes should ensure that if there is a 'lost update' (ie, of
any of the fields we have changed change under us) that we can return
this to the user.
 
 - We should note that NT4 doesn't do this - they allow lost updates,
but I would like to better MS on this one, until somebody shows me this
breaks something.  

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-cvs/attachments/20030323/98167cf0/attachment.bin

More information about the samba-cvs mailing list