pdb_ldap.c/Samba 3.0 PDC for XP
Andrew Bartlett
abartlet at samba.org
Wed Apr 30 00:59:41 GMT 2003
On Wed, 2003-04-30 at 07:51, Matt Benjamin wrote:
> Hi folks,
>
> It seems like this code is somewhat mutable right now...though it looked
> viable a few days ago.
>
> What I'm trying to do is test-migrate our Samba 2.2.x + LDAPSAM Samba
> setups to Samba 3.0, to get group mapping, etc.
>
> I had done a CVS pull on HEAD on 4/25, and was able (with a minor change
> to pdb_ldap.c/make_a_mod [note on pdb_ldap.c, l. 835: you don't need
> this, and you don't want it, because it breaks deletion of group maps]
> to create a domain based on our 2.2.x LDAP data, and I was able to join
> and use domain logins from a W2K client. I had trouble with a WinXP
> station, though. I could "join" the domain, but afterwards, XP reported
> the domain was not available.
>
> With this morning's CVS code (SAMBA_3_0), some things are awry. Among
> other things, (at least) init_sam_from_ldap and ldapsam_getsampwsid
> functions fail to find sambaAccount entries based on rid--this seemed to
> be a simple omission, so I fixed these.
I'm interested in how these failed - I probably didn't test every
combination of access modes. Was this just because you didn't use the
'ldapsam_compat' module?
> After doing so, I was able to
> do logins with smbclient, and to update workstations with "smbpasswd -m
> -a". However, attempting to join the domain now failed with a handle
> error in find_policy_by_hnd_internal.
>
> My question is, how far is this code from stabilizing? Is the ldapsam
> back end expected to break further before it becomes usable again--with
> backward compatibility to 2.2 data, as I understand is planned?
We have decided to change the schema for 3.0. rid -> ntSid is the main
change. The ldapsam_compat backend will remain for compatibility.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030430/ac17e472/attachment.bin
More information about the samba-technical
mailing list