net rpc vampire performance
Ingo Steuwer
steuwer at univention.de
Sat May 28 13:56:41 GMT 2005
Am Freitag, 27. Mai 2005 19:30 schrieb paul kölle:
> Ingo Steuwer wrote:
> > I wouldn't expect that many people will use a somehow site-specific
> > ldif-output. I can see how you figure out which base-DN you can use and
> > where to store users, groups and computers. But how do you handle
> > existing users/groups, how can you specifiy additional options
> > (objectclasses like posix or kerberos), how can I sort my large database
> > in several containers? Do you handle merging of existing and new accounts
> > (which means you'd need to contact ldap)?
>
> Why can't you do all that with your own logic using the ldif output? Or
> do I miss something?
Sure I can, and I welcome this approach. But in XML or CVS it would be easier
to store the essential information, and I'd expect that the data is stored in
a comparable way in the code (haven't looked at it by now).
For example: Let's have a user called John Smith, which is stored in LDAP as
"cn=john,cn=user,o=myldapbase" with samaccount and samaccountname "jsmith".
If you wan't to parse group-memberships you have to parse first for the DN
and the primarygroup-sid, then for all uniquemeber-entries (case-insensitive)
with the users dn and for the group with the given sid as primary group and
finally in each group-entry for the name of this group. While all this is
possible, handling of XML containing the "raw" data from the NT-PDC would be
easier.
Greetings
Ingo Steuwer
--
Ingo Steuwer steuwer at univention.de fon: +49 421 22 232- 0
Entwicklung Linux for Your Business
Univention GmbH http://www.univention.de/ fax: +49 421 22 232-99
More information about the samba-technical
mailing list