ldap was Re: [Samba] Samba 4

Michael B Allen mba2000 at ioplex.com
Fri Aug 26 01:36:14 GMT 2005

On Thu, 25 Aug 2005 21:44:51 +0200
Jelmer Vernooij <jelmer at vernstok.nl> wrote:

> > my question just wouldn't it be possible to include a frontend for
> > some kind of ldap and kerberos server? wouldn't it be easier to
> > enhance openldap or fedora/netscape directory server? or they are
> > so badly implemented ldap servers?
> Their "problem" is that they implement a standards-compliant LDAP
> server while we need one that violates the standards (but is
> compatible with AD).

If a peice of code correctly abstracts an idea it cannot be "wrong" and
will work with any other task that employs that idea. There are a lot of
pieces to a protocol server that are conceptually separable. You have I/O
handling, marshalling code, search expression reducing routines, etc. I
haven't a clue as to the standards violations you speak of but I'll bet
my guitar that AD and other directory servers share a lot conceptually. I
think "frontend" is not the correct word. Librarification would be more
appropriate (although I'm not sure it's a word at all :-).

So it seems to me the "problem" is more that the OpenLDAP and Netscape
code does not abstract ideas through librarification of peices using well
defined, "small", easy to understand interfaces. At least not enough to
compel third parties to use it in different applications.


More information about the samba-technical mailing list