option ldap filter remove in 3.0.20

Guenther Deschner gd at samba.org
Tue Sep 20 08:09:05 GMT 2005 

Hi,

On Tue, Sep 20, 2005 at 07:28:51AM +0200, Ingo Steuwer wrote:
> Am Montag, 19. September 2005 16:22 schrieb Gerald (Jerry) Carter:
> > Ingo Steuwer wrote:
> > > Hello
> > >
> > > we realized that the option "ldap filter" was removed in
> > > 3.0.20. As we need  this option in one of our projects
> > > to seperate Users on different  samba-instances/-servers
> > > I'd like to know for what reason the option was removed?
> > >
> > > The SVN-Patch was small and changed only two files so we'd
> > > like to reactivate  this option using it. Is there any chance
> > > for this to get back into SVN?
> >
> > The option didn't work, and was not always applied consistently.
> > We had too many configuration errors by users who had misconfigured
> > or misunderstood the option.  It was simply historical baggage.
> >
> > You can present your case, but it will take a lot of convincing.
> > Perhaps if you give some specific examples of what filter you use.
> 
> The option did a good job in several samba releases for us. We use it to 
> define network- or location-based access for users using a ldap-attribute.
> 
> In an example:
> Three locations A, B and C have each its own PDC (no common wins-server) based 
> on the same ldap. Location A has no ldap filter, B has filter (&(uid=%u)
> (location=B)) and C has filter (&(uid=%u)(location=C)). I can decide per user 
> on which location he may work (he can always login at A), while I've got the 
> complete address-book and other LDAP-stuff at each location.
> 
> This is far more easy to administrate than sambaUserWorkstations and can be 
> used in other ldap-based tools also.

Maybe the grouping facilitiy I added to the sambaUserWorkstations field a
while ago is an easy replacement to achieve that particular functionality
you are looking for.

See http://websvn.samba.org/cgi-bin/viewcvs.cgi?rev=5528&view=rev for
details.

Guenther
-- 
Günther Deschner                    GPG-ID: 8EE11688
Novell / SUSE LINUX                       gd at suse.de
Samba Team                              gd at samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20050920/9b02ff58/attachment.bin

More information about the samba-technical mailing list