LDAP schema

Matt Chapman m.chapman at student.unsw.edu.au
Fri Nov 27 09:10:26 GMT 1998

Jean Francois Micouleau wrote:

> On Fri, 27 Nov 1998, Matt Chapman wrote:
> > LDAP support is coming along well, and I would like some comments as to the
> > schema.
> I've done some digging on my disks of the LDAP skeleton I wrote 6 months
> ago. Take also a look at the AD schema on MS site.


A number of those attributes aren't of very much use to us though; they only
surface at certain info levels which it would be absurd to add passdb routines
for, or provide functionality which won't be in Samba while we are still tied to
the existing databases. And in a few years time who knows what we'll need...

Maybe we need a whole new strategy for obtaining user & group information...
perhaps something along the lines of open_user, get_user_attribute (so that
an extensible set of attributes could be queried), close_user... Well, it would
certainly make the LDAP implementation easier :-)

I would like to see what Luke has to say on the issue of storing RIDs, SIDs,
etc. as opposed to generating them..., but certainly in the schema I'll be
adding a few more attributes to those in that example.

I did have a look at Microsoft's AD docs before and they seem to go into their
new NT5 groups schema in great detail but not say very much about individual
user information... was I looking in the wrong place?


Matt Chapman
E-mail: mattyc at cyberdude.com

More information about the samba-technical mailing list