Version 4 LDAP particulars?
Andrew Bartlett
abartlet at samba.org
Sat Jan 29 22:05:49 GMT 2005
On Sun, 2005-01-30 at 01:47 +0100, paul kölle wrote:
> Stefan (metze) Metzmacher wrote:
> > And I said that we first only care about our own ldb and make the samba4
> > code handle all
> > involved protocolls (SAMR, NETLOGON, DRSUAPI, LDAP...) correct.
> That is to say: Implement those parts of LDAP the clients ask for, not a
> LDAPv3 server+extensions right?
The intention is certainly to implement an LDAP server that matches what
Microsoft provides. As metze indicates, we need a lot of this just to
provide infrastructure for everything else, even before we deal with
what LDAP clients may need.
> >
> > and when this is done and have the correct layout and an implementation
> > with good code
> > like the smb server.
> >
> > then we'll try to find ways to make backward compatibility and upgrading
> > as easy as possible
> I for one am not so concerned about migration or backward compatibility
> but what will be the result in terms of data storage. As a matter of
> fact, LDAP servers are now in use for many "auth like" services
> including but not limited to samba. If the samba LDAP server cannot
> store "foreign data" (custom schemas) many ppl will end up with at least
> two separate data stores which have to be syncronized/integrated to some
> extend.
I see no reason why Samba would be unable to store arbitrary user data.
> Both proposed solutions, a LDAP server as backend for ldb or ldb as
> backend for a LDAP server are problematic or at least a lot of work and
> do not seem to be considered as a necessary part of samba4.
I'm a little unsure what you mean here.
> It would be
> nice to have a rough outline how a samba3+ldap+heimdal[ldap backend]
> scenario looks like in a samba4 setup.
As a Kerberos server will be an integral part of Samba4 (we have a
custom branch of Heimdal kerberos that we maintain for this purpose),
this will have to 'just work'.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050130/876b5b43/attachment.bin
More information about the samba-technical
mailing list