ldap filter gone and sambadomainnname not checked

Volker Lendecke Volker.Lendecke at SerNet.DE
Mon Mar 6 17:24:10 GMT 2006

On Mon, Mar 06, 2006 at 11:09:18AM +0100, Pierre Filippone wrote:
> IMHO the cleanest solution is the "ldap filter" option, samba used to 
> have.

We have deliberately deleted the ldap filter option because
it has caused inconsistent behaviour at many sites. This is
just asking for trouble.

The problem is that Samba not only has a single LDAP query,
a stupid query that is probably giving misleading results is
the search for smbldap_search:

$ grep smbldap_search pdb_ldap.c|wc -l

This means that we are asking the LDAP in potentially 37
different ways with different filters. How many of those do
you want to expose to the user?

So in the sense of clarity we have chosen to remove this
option, in particular as LDAP offers other possibilities to
achieve the same goal, as simo has nicely shown.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20060306/0a4bdcce/attachment.bin

More information about the samba-technical mailing list