[samba-tng] status: nt5ldap and samtdb

Luke Kenneth Casson Leighton lkcl at samba.org
Tue Feb 1 23:17:38 GMT 2000

hi luke, did you get groups and aliases working as well?

On Wed, 2 Feb 2000, Luke Howard wrote:

> a couple of attributes -- namely, objectSid (kind of important, yes!) 

send some examples, in binary format not base64

> and dBCSPwd/unicodePwd -- things are mostly working. There seems to be

again, send us some examples, plus the RID and name of the user, it's
likely to be a key based on those.  tell us what the plaintext password
is, too.

then we can get a good look-see and work some test code up to a good

first test, straight pwdump algorithm, that's the usual one.

> some weird stuff happening that can send the passdb backend into an
> infinite loop, though, which I believe Luke has noticed as well.

YES... I... HAVE!!

and i'm ignoring it.  so there :)

i hate domain_namemap.c and the passdb/ API.  it's an awful mess.

never mind.  first implementation, and all that.

> So... I guess the upshot is that I'm going to have to implement an
> LDAP backend for samrd, but I think I might just wait until things

yes please!

well, the samr API itself is never going to change, so you can start any
time you like.

if you want code to cut-and-paste, i've pretty much got the "user" side
working in samrtdbd.

there is a distinct advantage to you writing a samrldapd, luke.  people
can compile samrd with --with-ldap, and compile samrldapd as well, and you
can start samrd, slurp the SAM database (text format?  rpcclient
samsync?), stop samrd, start samrldapd and shove it with the SAM database,
and you're converted from our old-style LDP to new-style nt5-LDAP.

More information about the samba-technical mailing list