Samba4 LDAP Integration

Gémes Géza geza at kzsdabas.sulinet.hu
Thu Oct 28 15:55:49 GMT 2004


Simo Sorce írta:

>On Thu, 2004-10-28 at 17:07, Dustin A. Dortch wrote:
>  
>
>>Do you reinvent the wheel for the sake of a few things, or do you
>>contribute to an existing project.  I tend to think the latter.  There
>>is not any need to create a new LDAP server.  That is just more code to
>>maintain than is necessary.  OpenLDAP does need some work, but maybe
>>there needs to be some joint work in extending OpenLDAP, especially in
>>respects to replication and manageability.
>>    
>>
>
>I tried to work on openLdap code, I wrote an ldb module with basic
>functionality, and, at last, found it was much easier and productive for
>samba4 development to start from scratch and build up a new ldap server.
>It was a well thought decision.
>Said that I'm not saying samba will support _only_ the samba ldap
>server, we are still in early development steps in this field and being
>able to have our ldap server tightly integrated helps a lot to develop
>the whole project faster. Once we will have all the details and needs
>sorted out we will be able to decide how to address compatibility
>towards other ldap servers.
>
>  
>
I think, that having Samba4 ready for the time when M$ will force its 
customers to move to AD is the crucial point.
Making OpenLDAP multimaster replication reliable is something that 
OpenLDAP developers weren't able or wanting enough to do so from years. 
Multimaster replication is an important point in Windows AD -> Samba4 AD 
migration, and interoperability.
I think we SHOULD accept, that the Samba3+OpenLDAP to Samba4+Heimdal+??? 
will be a harder one that the Samba2+OpenLDAP to Samba3+OpenLDAP was 
(because it wasn't touching any of the non-Samba attributes).
IMHO we will  have a lot smoother migration path, if we (running 
Samba3+OpenLDAP) would do an inventory of what other LDAP dependent 
services are we running, and develop plans (and if needed patches and 
scripts for them) on modifying them to use the new schema. And when the 
time of switching to Samba4 comes we could do that more easyly.

Thanks for reflecting on it.

Geza Gemes



More information about the samba-technical mailing list