ldap code

[Matthew Chapman]

> 
> looks good.  i'm extracting the fnum code from the patch: just to advise
> all people sending contributions with two or more sets of functionality,
> please keep them in _separate_ patches not one.  an entire contribution
> will be given less priority if it contains modifications that are either
> not needed or, say, for security reasons, cannot be added. 

Agreed. I've noticed that you haven't committed the new files yet
(LDAP.yo and *ldap.c), was this intentional or did you just forget to cvs
add them?

The reason i took the code out of smbpasschange.c is that it (i) assumed a
file-based database and (ii) did this:

vp = startsmbpwent(True);
smb_pwent = getsmbpwnam(user_name);
endsmbpwent(vp);

As I understand it start/endsmbpwent shouldn't be called around
getsmbpwnam (it certainly isn't in other places).

> - the #ifdef WITH_LDAP should read #ifdef USE_LDAPUNIX_DB in groupdb/*.c
> and should be switched _off_ by default.  the default should be to use
> USE_SMBUNIX_DB unless, and probably even if they are not, users are using
> ldap rfc2037 for users/groups.

I think WITH_GROUPLDAP would be more enlightening, corresponding to a
--with-group-ldap configure option, or maybe USE_LDAPGROUP_DB?

	Matt