Working on LDAP support in HEAD

Chris Young cyoung at idealcorp.com
Thu May 11 18:10:37 GMT 2000 

My belief is that we need to concentrate on getting everything functional.  And
by "functional" I mean doing things the BEST way that we can.  If this means
causing migration trouble then so be it.  Let's get everything nailed down and
THEN worry about migration issues.

The entire point of the HEAD & TNG branches (as far I believe, being a outsider
to the development) is to get the domain controller code working properly.  If
incremental RID allocation is the proper way for it to get done, then let's do
it that way and not kludge ourselves into limitations.

This is just MHO if it means anything.  :)

Chris

On Fri, 12 May 2000, you wrote:
> [note that the original message has been cross posted to
> samba-ntdom at samba.org as well.  However, let's keep all 
> discussion on samba-technical as that should make it easier 
> to follow in the archives.   Thanks   --jerry]
> 
> 
> Folks,
> 
> I need some input on a judgement call for fixing the LDAP
> support in the HEAD branch.
> 
> The issue the allocation of user RID's in the LDAP entries.
> Under the scheme devised for SAMBA_TNG (i'm talking about the
> older LDAP schema), RID's are generated automatically and 
> in a monotonically increasing order (like NT).  However,
> this will make it very difficult to migrate from smbpasswd to LDAP
> in a Samba controlled NT domain.
> 
> Why you ask? :-)
> 
> Changing the user RID will break existing profiles.  So how do we
> get around this?  By setting the RID to be the same.  I have some 
> perl scripts that will transder an smbpasswd into an LDAP tree 
> while keeping this existing user RID (as defined by the algorithms
> currently coded in smbd).
> 
> However, this migration strategy breaks the incremental RID 
> allocation scheme use by the LDAP passwd backend.  
> 
> Finally, my point.  I would like to allocate the RID's based 
> upon the samba uid <-> RID mapping function implemented in 
> the main branch.
> 
> What say people to this?
> 
> Cheers,
> jerry

Thank you,
Christopher Young, Senior Systems Administrator

I.D.E.A.L. Technology Corporation
1109 East Concord Street
Orlando, Florida  32803

http://www.idealcorp.com

407.999.9870 x14 or 1.877.IDEAL.CORP (Phone)
407.999.9850 (Fax)

I.ntegration D.evelopment E.ducation A.ll L.inux

More information about the samba-technical mailing list