LDAP support in SAMBA

Gerald Carter gcarter at valinux.com
Wed Sep 26 10:43:39 GMT 2001 

On Mon, 24 Sep 2001, Jan Du Caju wrote:

> We did some code modifications to allow us to have some needed
> (at least of us ;-) enhancements.
> I know we should have looked first at the TODO page
> http://ftp.easynet.be/samba/TODO.html
> and contacted you but as we didn't I just list them and wait
> for suggestions/instructions
>
> 1) redundancy enhancement
>
> More specific to be able to specify more than 1 ldap server so
> in case the first specified is unreachable the next (containing
> the same info :) is tried:
> modification of ldap.c and used a different format for the ldap
> server definition in smb.conf:
> ldap server = <ldapserver_1>[:port][,<ldapsever_X>[:port]]*

Good idea.

> 2) a fall back to the local smb password file
>
> Due to our complex environment where the samba servers are/will
> be managed decentral the local administrators need to be able
> to add temporary users locally which do/will not appear in the
> central ldap servers. Similar it would be better to define the
> user root (needed to add machine accounts in a Windows domain)
> locally.
>
> So changes were made to be able to specify in the smb.conf file
> the order the backend db will be consulted. Modification of info
> will only be possible in the db where it was found.
> For the commands like smbpasswd we added an argument to specify
> the backend that should be updated.

Ironically enough, koen muylkens <koen.muylkens at student.kuleuven.ac.be>
Just posted a similar query.  His was related to failover among
passdb backends in general.

I'll look at your patch, but I would like to solve this
in the general case.

> 3) We want to help coding the password and group backend
> (especially ldap ;)
>
> Patches against CVS tag SAMBA_2_2 are coming up.

Are you working with JF's group mapping code in HEAD?









cheers, jerry
 ---------------------------------------------------------------------
 www.samba.org              SAMBA Team              jerry_at_samba.org
 www.plainjoe.org                                jerry_at_plainjoe.org
 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--

More information about the samba-technical mailing list