[PATCH] rid allocator in passdb backend

Stefan (metze) Metzmacher metze at metzemix.de
Fri Oct 18 08:27:00 GMT 2002

At 09:42 18.10.2002 +0200, Volker.Lendecke at SerNet.DE wrote:
>Hash: SHA1
> > It would be nice to update the samba.schema only once, so we should
> > now also add the account policy values, etc ... to sambaDomainInfo
> > (all stuff we'll later use for the SAM system) Also add sambaGroup
> > now, would be nice.(with the stuff we'll later use) And changing a
> > few attributes from ascii-string to directory-string, so that we can
> > support utf-8 strings.
>Has anybody already a new SAM LDAP schema? Don't get me wrong, I'm
>honestly interested.

this is an idea, I think for now it's ok to only define attribute we need 
now, but
we should use this attributes  in SAM LDAP and only add new ones to it, but 
didn't rename any!

>objectclass ( NAME 'sambaDomainInfo' SUP top AUXILIARY
>         DESC 'Samba Domain Information'
>         MUST ( domain )
>         MAY  ( rid $ domainSID ))
>objectclass ( NAME 'sambaGroup' SUP top AUXILIARY
>         DESC 'Samba Auxilary Group'
>         MUST ( cn $ rid $ groupFlags)
>         MAY  ( ntGroupName $description $ domain ))

groupFlags should be like acctFlags
[B        ] for builtin
[D        ] for domain group
[L        ] for local group

>#objectclass ( NAME 'sambaPrivilege' SUP top AUXILIARY
>#       DESC 'Samba Privilege'
>#       MUST ( privilegeType )
>#       MAY  ( privilegeSID $ description $ domain ))

we should store a list of SIDs for each privlege and don't store it on 

Stefan "metze" Metzmacher <metze at metzemix.de>

More information about the samba-technical mailing list