[PATCH] rid allocator in passdb backend
Stefan (metze) Metzmacher
metze at metzemix.de
Fri Oct 18 08:27:00 GMT 2002
At 09:42 18.10.2002 +0200, Volker.Lendecke at SerNet.DE wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
> > It would be nice to update the samba.schema only once, so we should
> > now also add the account policy values, etc ... to sambaDomainInfo
> > (all stuff we'll later use for the SAM system) Also add sambaGroup
> > now, would be nice.(with the stuff we'll later use) And changing a
> > few attributes from ascii-string to directory-string, so that we can
> > support utf-8 strings.
>
>Has anybody already a new SAM LDAP schema? Don't get me wrong, I'm
>honestly interested.
this is an idea, I think for now it's ok to only define attribute we need
now, but
we should use this attributes in SAM LDAP and only add new ones to it, but
didn't rename any!
>objectclass ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaDomainInfo' SUP top AUXILIARY
> DESC 'Samba Domain Information'
> MUST ( domain )
> MAY ( rid $ domainSID ))
>objectclass ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaGroup' SUP top AUXILIARY
> DESC 'Samba Auxilary Group'
> MUST ( cn $ rid $ groupFlags)
> MAY ( ntGroupName $description $ domain ))
groupFlags should be like acctFlags
[B ] for builtin
[D ] for domain group
[L ] for local group
>#objectclass ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaPrivilege' SUP top AUXILIARY
># DESC 'Samba Privilege'
># MUST ( privilegeType )
># MAY ( privilegeSID $ description $ domain ))
we should store a list of SIDs for each privlege and don't store it on
users/groups
metze
-----------------------------------------------------------------------------
Stefan "metze" Metzmacher <metze at metzemix.de>
More information about the samba-technical
mailing list