[soc] External LDAP support in Samba4.
Martin Kühl
martin.kuehl at gmail.com
Thu Jun 8 21:43:25 GMT 2006
On 6/6/06, Gerald (Jerry) Carter <jerry at samba.org> wrote:
> Could you give me a one line sentence and to what you
> expect the deliverables to be for M1 (June 28) & M2
> (Aug 4)? Also how do you propose to validate/verify
> working code? Will you rely upon existing smbtorture
> tests from the SAMBA_4_0 branch?
I'm not sure about the milestones. I still feel like I'm not seeing
something important and oblivious to the whole extent of the
mappings...
For validating my code, I think the existing tests will do, although
I'll have to run them against (and be able to start/stop) an OpenLDAP
server.
I sent the following off-list (I should really stop doing that...), it
should give an idea where I currently "am".
Cheers,
Martin
> [...]
> this time I'd like some feedback on milestones. This is what I came up with:
>
> * A partition module would be more general, but a module renaming
> special dns would make an easier first module and should suffice to
> run modules against an external LDAP server (unless there's
> something else I'm not seeing). So that what I plan to start with.
> I'll gladly help with a partition module later if you like, but not
> yet.
>
> * I've talked to Jelmer about ldb_map and samba3sam; I think I
> understand how ldb_map is supposed to work and will try to make it
> async. I'm not sure how to handle the two DBs in there yet
> (w.r.t. asynchronism and transactions), but I'll try and ask when in
> trouble.
>
> I think these would make a suitable M1 milestone. Progress could be
> tested by running the samba3sam test suite against an OpenLDAP server
> running the samba3 schema. I hope I'm not underestimating ldb_map
> here...
>
> That leaves javascript and mappings for the second part, so:
>
> * Mappings are supposed to be the largest part of my work. Jelmer
> already did some of these in one direction, I'll add the other
> direction where necessary (which is only a few cases), then see
> which parts of the provision are missing. For grokking schema
> semantics, some of my $work code should help; I will also set up an
> AD server with test data there and watch it.
>
> * I'm a little unsure about where javascript fits in best; ldb_map is
> complex already and shouldn't grow too much IMO, but a different
> module for mapping with javascript would have to share at least some
> of the mapping logic. Unless it tried to do without a fallback
> database, which might be a bad idea...
>
> I'd like to declare one of these goals optional, but don't know which
> one is preferred. I think javascript mappings/modules would be more
> interesting to work on, but I also think that mappings are more
> related to my original problem.
>
> Testing should be possible mostly within the current framework; a test
> should parallel the samba3sam test in both cases, just with
> more/different data and possibly an external LDAP backend, and a
> different set of mappings for the javascript case. That's something I
> think I'd need to add to the current tests: starting, stopping and
> using an OpenLDAP server.
>
> Does that sound reasonable?
More information about the samba-technical
mailing list