Samba4 LDAP Integration

[Gémes Géza]

paul kölle írta:

> Gémes Géza wrote:
>
>> I think, that having Samba4 ready for the time when M$ will force its 
>> customers to move to AD is the crucial point.
>> Making OpenLDAP multimaster replication reliable is something that 
>> OpenLDAP developers weren't able or wanting enough to do so from 
>> years. Multimaster replication is an important point in Windows AD -> 
>> Samba4 AD migration, and interoperability.
>> I think we SHOULD accept, that the Samba3+OpenLDAP to 
>> Samba4+Heimdal+??? will be a harder one that the Samba2+OpenLDAP to 
>> Samba3+OpenLDAP was (because it wasn't touching any of the non-Samba 
>> attributes).
>> IMHO we will  have a lot smoother migration path, if we (running 
>> Samba3+OpenLDAP) would do an inventory of what other LDAP dependent 
>> services are we running, and develop plans (and if needed patches and 
>> scripts for them) on modifying them to use the new schema. And when 
>> the time of switching to Samba4 comes we could do that more easyly.
>
>
> Take it more generally. It's not about LDAP but the interfaces Samba4 
> will implement to USE data it will not store by itself (uid/gid?) and 
> the interfaces it will implement to PROVIDE access to data it stores 
> other services might need. Any reasonings, notes, code to look at?
>
> thanks
>  Paul
>
No, the real point is not to have to move from OpenLDAP based 
Posix+Samba+other attributes to Samba4's LDAP server based Samba 
attributes+Something else (e.g. flat files :-( ). Instead IMHO a Samba4 
LDAP server based central storage would be the best solution to this. 
The necessary infrastructural changes could have benefits as well:
A modified nss_ldap could find the ldap server using the notorius DNS 
recurds, etc.
I would like to see in this tread all of your ideas about necessary 
changes to non Samba4 software, needed to work (maybe better than 
before) with the proposed Samba4 LDAP server, and its ADS like schema.

Thanks

Geza