[PATCH] IDMAP Backend part 1 of 2 (LDAP library)
Andrew Bartlett
abartlet at samba.org
Wed Mar 19 21:40:49 GMT 2003
On Thu, 2003-03-20 at 06:27, Anthony Liguori wrote:
> Connecting to an ADS server is slightly different than connecting to a
> normal LDAP server (over TLS or something). I would say that all of the
> LDAP connection code should be abstracted together but the libads
> abstracts away even the LDAP connects to just a plain ads_connect().
>
> The only change we could make is to modify the ads_connect to use smb_ldap
> and have smb_ldap handle ADS style connections. I don't see where we'd
> really gain much there though.
The abstraction on the ADS code is very good. ads_pull_string() sure
beats the pants off messing about with pstrings, for example. Likewise,
the transparent reconnect is better, and I think it's better code.
If we need to split it out a little then lets do that, but having two
separate 'ldap helper' libs in the tree seems pointless.
(I already added 'plaintext' login code to libads, as well as LDAP URI
support).
If that's all just too hard, then I'll probably accept the current patch
on the 'minimal change' basis, but I would still like to do this right.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030320/4da3b983/attachment.bin
More information about the samba-technical
mailing list