LDAP schema

Luke Kenneth Casson Leighton lkcl at switchboard.net
Sun Nov 29 18:44:11 GMT 1998


jean-f's absolutely right.

On Fri, 27 Nov 1998, Jean Francois Micouleau wrote:

> On Fri, 27 Nov 1998, Matt Chapman wrote:
> 
> > A number of those attributes aren't of very much use to us though; they
> > only surface at certain info levels which it would be absurd to add
> > passdb routines for, or provide functionality which won't be in Samba
> > while we are still tied to the existing databases. And in a few years
> > time who knows what we'll need... 
> 
> Check again, most of them are in the user_info_21 struct.
> 
> > Maybe we need a whole new strategy for obtaining user & group
> > information...  perhaps something along the lines of open_user,
> > get_user_attribute (so that an extensible set of attributes could be
> > queried), close_user... Well, it would certainly make the LDAP
> > implementation easier :-) 
> 
> Why do you think the passdb.c API is for ? That's exactly what we done
> Luke and I in April/May ! It was all abstracted in an API exacly because I
> wanted to store more attributes in the LDAP database than what was
> available in the smbpasswd file.
> 
> > I would like to see what Luke has to say on the issue of storing RIDs, SIDs,
> > etc. as opposed to generating them..., but certainly in the schema I'll be
> > adding a few more attributes to those in that example.
> 
> We debated this already with Luke and Jeremy some months ago.
> The standard case is where the users don't have any RID, you generate them
> based on the UID, using Jeremy's mapping.
> 
> The second case, is when you're migrating from an NT-Domain to a
> Samba-Domain, and you want to keep the RID
> 
> > I did have a look at Microsoft's AD docs before and they seem to go into their
> > new NT5 groups schema in great detail but not say very much about individual
> > user information... was I looking in the wrong place?
> 
> Last time I checked the AD schema on MS web server was outdated. You have
> to find an NT5 beta 2 CD to have the latest version.
> 
> 	J.F.
> 
> 

<a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton  </a>
<a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Development </a>
<a href="http://www.samba.co.uk"       > Samba and Network Consultancy </a>



More information about the samba-technical mailing list