Atomic RID allocation in LDAP
Andrew Bartlett
abartlet at samba.org
Sat Oct 12 23:49:01 GMT 2002
Volker.Lendecke at SerNet.DE wrote:
>
> On Sat, Oct 12, 2002 at 07:17:10PM +1000, Andrew Bartlett wrote:
> > I've been thinking about the problem of allocating RIDs in LDAP.
>
> Look at google for 'ldap atomic increment'. The second article gives some hints
> on how an atomic increment might be implemented in LDAP. I have not programmed
> LDAP before, but I might be tempted to try that approach. As the atomicity is
> only interesting for internal samba use (others can not be forced to adhere to
> any scheme), we might as well go for a mutex similar to those used when
> accessing a domain controller for authentication.
I think that misses the point. Sure, we could use a tdb - but given
there is known algorithm for this (and a big thankyou to those that
pointed it out to me) we should use it. We can't force non-samba users
to behave correctly, and we will have to 'double-check' the results of
any 'nextrid' call, but if we document it clearly, we have a much better
chance that we can convince others to 'play by the rules'.
External admin apps are one of the major reasons I decided to go to
LDAP. I expect that others have done the same - so lets try and make
they easy to do 'right', rather than dismissing them as 'not our
problem'.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list