LDB_SCOPE_ONELEVEL without full traversal?

simo idra at samba.org
Wed Dec 6 23:20:05 GMT 2006 

On Wed, 2006-12-06 at 23:59 +0100, Volker Lendecke wrote:
> On Thu, Dec 07, 2006 at 09:46:52AM +1100, tridge at samba.org wrote:
> > Why do you need an EnumValue call on tconx?
> 
> Simple: I want a registry key per [smbshare] definition, and
> I want all parameters in that share definition (i.e.
> registry values). And if you look at for example the
> lanmanserver\shares key in a real windows registry, you will
> see a secdesc as binary value per share. So putting all
> values into a single tdb record just will not work.
> 
> >  > It's not the huge databases, it's that *many* calls to the
> >  > non-indexed search might be necessary.
> > 
> > ok, so can you give me an example of where this onelevel search will
> > happen with other than a GUI application doing a tree walk?
> 
> The data model Jelmer has chosen and which I find quite sane
> looks like:
> 
> dn: cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
> cn: regshare
> objectclass: sambaRegistryKey
> distinguishedName: cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
> 
> dn: cn=max connections,cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
> cn: max connections
> objectclass: sambaRegistryValue
> sambaRegvalDword: 5
> distinguishedName: cn=max connections,cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
> 
> dn: cn=valid users,cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
> cn: valid users
> objectclass: sambaRegistryValue
> sambaRegvalSz: /data/tmp1
> distinguishedName: cn=valid
> users,cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
> 
> dn: cn=path,cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
> cn: path
> objectclass: sambaRegistryValue
> sambaRegvalSz: /data/tmp1
> distinguishedName: cn=path,cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
> 
> And so on. You get the idea. So we have to do a onelevel
> search on
> cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm to get
> all the smb.conf values that belong to the registry key that
> represents [regshare].

I honestly think this model is insane.
It throws out of the window the ldb/ldap object model

Why not simply have something like:

dn: cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
cn: regshare
objectclass: sambaRegistryKey
max-connections: 5
valid-users: a
valid-users: b
valid-users: c
path: /data/tmp1


The only thing I see as a possible problem is that in the registry
usually the names can be arbitrary while in ldb the attributes name
space is quite limited (no spaces, can;t start with numbers, can contain
only ascii chars and numbers).

If that's a problem another way to represent objects (registry keys) may
be this:

dn: cn=regshare,cn=smbconf,cn=samba,cn=software,cn=hklm
cn: regshare
objectclass: sambaRegistryKey
sambaRegvalDword: max connections=5
sambaRegvalSz: valid users=a,b,c
sambaRegvalSz: path=/data/tmp


This will require you to interpret the content of the attributes to find
out the name/value pairs, but it seems to me that this will be vastly
more efficient.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org

More information about the samba-technical mailing list