Making more use of LDAP

Andrew Bartlett abartlet at
Fri Jun 20 05:18:21 GMT 2003

On Fri, 2003-06-20 at 09:22, Tim Potter wrote:
> On Thu, Jun 19, 2003 at 02:17:45PM +1000, Andrew Bartlett wrote:
> >  - We need to store *smb.conf* values in LDAP, where those values
> >    must be consistant across all hosts.  Things like the 'idmap uid/gid'
> > settings come to mind here.
> I'm not sure this is such a good idea.  You would have to be very
> careful with caching and so on to ensure you still had a working server
> in the event the LDAP server is not reachable.

Sure, we can gencache the value - indeed, I'm not worried that we might
need to have the value in the local smb.conf, but we should assert that
the value is correct before we start adding things to the LDAP idmap. 
Likewise for 'algorithmic rid base', which any outside tool modifying
our LDAP entries will need to know.

> I've been thinking it would be nice to be able to store file and print
> shares in LDAP though.  That way we can support dynamically added shares
> without having the information "hidden" in a tdb somewhere.  This would
> be in addition to shares listed in smb.conf.

I think this sounds fun :-)

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list