ldap was Re: [Samba] Samba 4

Luke Howard lukeh at padl.com
Fri Aug 26 00:33:51 GMT 2005

>> There is a good reason for this: AD clients expect non-standard
>> behaviour from their LDAP server, so we can't just use OpenLDAP. The
>> Samba4 LDAP server can function pass thru requests to any other
>> standards-compliant LDAP server.
>my question just wouldn't it be possible to include a frontend for some 
>kind of ldap and kerberos server?
>wouldn't it be easier to enhance openldap or fedora/netscape directory 
>server? or they are so badly implemented ldap servers?

You need to maintain the integrity of the Active Directory information
model regardless of the source of updates. This is difficult to
impossible with a frontend or proxy.

Building a directory server from scratch (as Samba4 are doing) or
extending an existing one (eg. as we did to OpenLDAP in XAD) are the
only options IMO.

-- Luke


More information about the samba-technical mailing list