[PATCH] groups in ldap
Andrew Bartlett
abartlet at samba.org
Tue Mar 18 10:24:40 GMT 2003
On Tue, 2003-03-18 at 21:18, Volker Lendecke wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> > > But if you look at sambaAccount, it firmly ties 'uid' with 'rid',
> > > which conflicts your point below.
> >
> > No, it doesn't. 'uid' is 'username' in ldap-speak.
>
> Yes, I know. And I meant it this way. I only assumed that under Unix
> we have a one-to-one mapping between username and numeric uid.
>
> > We should not store the 'gid' as part of SambaGroup. That really is
> > idmap's problem (which might refer back to exactly the same record - but
> > they need to be conceptually seperated).
>
> We need a STRUCTURAL object to attach to. Should we make the
> sambaGroupMapping structural? This would make it stand-alone, but we
> could then not tie it to a posixGroup. If we make it AUXILIARY, we
> need another STRUCTURAL object to attach to. Which one?
Why not both?
ie, have a 'structural' that contains nothing, and hang the 'real' class
off that if we don't have anything else to hang it off.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030318/412d31c3/attachment.bin
More information about the samba-technical
mailing list