Is there a better way to check for user/group list updates from
ADS domains than doing wbinfo --sequence?
Guenther Deschner
gd at samba.org
Tue Jul 19 11:34:06 GMT 2005
Hi Marc,
On Mon, Jul 18, 2005 at 03:46:44PM -0700, Kaplan, Marc wrote:
> List:
>
> I'm wondering if there is a better way to check for updates to an ADS DC
> than doing wbinfo --sequence. For NT4 domains the update sequence number
> (USN) doesn't change unless an object changes, is added, or deleted. But
> on ADS DCs it seems like the sequence number just increments every few
> minutes even if no user-initiated changes took place. So, I'm wondering
> if anybody knows of a better method.
It really dependends why you want to retrieve the sequence number or a
general notification of changes on your ADS DC. If you're writing a
client-application you could consider to get notified of any changes on
only those attributes you're interessted in or only of accounts in a
specific subtree by using the LDAP_SERVER_NOTIFICATION control.
try $SAMBA3_SRC/examples/misc/adssearch.pl -h w2k3dc -x -U
administrator%secret -n description
maybe this is a valid alternative for you.
Cheers,
Guenther
--
Günther Deschner GPG-ID: 8EE11688
Novell / SUSE LINUX gd at suse.de
Samba Team gd at samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20050719/c996d950/attachment.bin
More information about the samba-technical
mailing list