Posix/Samba: the accounts managements
simo.sorce at xsec.it
Mon Nov 3 14:01:09 GMT 2003
On Mon, 2003-11-03 at 14:24, Aurélien Degrémont wrote:
> It may be a big help, but it's very difficult to implement. It's so
> difficult that external scripts are a very good solution, imho.
Yes they are.
> I had already made some tests with these kind of modification and it
> works fine except for one problem.
> The ldapsam delete functions try to delete the samba object class
> (sambaSamAccount or sambaGroupMapping) and all of its attributes, so the
> 'cn' attributes too. But, the other classes which these classes depends
> on need the 'cn' attribute too (i.e: posixAccount), so they don't like
> at all that Samba try to remove it.
> So, I propose that the deletion (ldapsam_delete_entry) only remove the
> samba objetclass, and let LDAP remove the associated attributes. As the
> posixAccount needs the 'cn' attribute, LDAP will not remove it, only the
> attributes that are not claimed by the other classes.
seem the right solution.
> Concerning the patches, I think all modification calls may be patched,
> not only delete_dom_user and remove_user_foreign_domain, like
> delete_group. I will test it and try to propose a patch soon.
Simo Sorce - simo.sorce at xsec.it
Xsec s.r.l. - http://www.xsec.it
via Durando 10 Ed. G - 20158 - Milano
mobile: +39 329 328 7702
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
More information about the samba-technical