svn commit: samba r1713 - in trunk/source: . nsswitch
vlendec at samba.org
vlendec at samba.org
Tue Aug 10 23:37:28 GMT 2004
Author: vlendec
Date: 2004-08-10 23:37:28 +0000 (Tue, 10 Aug 2004)
New Revision: 1713
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/trunk/source&rev=1713&nolog=1
Log:
Add a winbind ldap proxy. This is incomplete, but you can run most basic
operations against it. Major missing pieces: Extended operations, referrals
and tls.
Why do I do this? Hmm. Like the OpenBSD people reply to the question why they
ship cryptography: "Because I can :-)"
There are some other reasons however:
Our current handling of update referrals is less than optimal. I would like to
optimize the referral handling so that during the ldap replication timeout we
query the ldap server we've been referred to so that the operations are not
stalled.
I would like to have non-tls for loopback and ldapi, and tls for remote
referred servers.
At least some versions of OpenLDAP have a 1024 client limit, this has already
hit me at a customer site. The winbind proxy code can be extended to
load-balance over any configured number of ldap servers.
For all these features I don't have the energy to figure out how to do that
with the RFC C API and how to work around the several RFC SHOULD thingies that
popular libraries choose not to implement.
Next reason: Samba4 will be an LDAP server, this can be a good testbed for the
ldap encoding/decoding routines.
Volker
Added:
trunk/source/nsswitch/winbindd_ldap.c
Modified:
trunk/source/Makefile.in
trunk/source/nsswitch/winbindd.c
Changeset:
Sorry the patch is to large, please use WebSVN to see it!
More information about the samba-cvs
mailing list