ldap filter gone and sambadomainnname not checked
idra at samba.org
Wed Mar 8 15:00:35 GMT 2006
On Wed, 2006-03-08 at 11:55 +0100, Volker Lendecke wrote:
> On Wed, Mar 08, 2006 at 09:50:32AM +0100, Pierre Filippone wrote:
> > Again, thank you for your suggestions and I will definitely use one of
> > them, but this does not change my opinion that an application, which uses
> > LDAP should have customizable filters. I know, it's simple to make
> Damn, I must admit that this can be a useful feature. :-)
> To be honest, there have been places where I could have made
> use of it as well. I've always found workarounds, which
> turned out to be cleaner in many ways, but Samba3 is so full
> of nice little gems (others might call them hacks...) that
> this one does not hurt.
> The attached (rather untested) patch revives ldap filter
> under a different name and hooks in much deeper, into every
> single search. It &'s the 'ldap restrict filter' to the
> I don't yet check this in, I'd like to hear a word from
> Jerry or Jeremy. And of course testing results from you :-)
Volker have you ever seen how postfix works wrt ldap ?
It lets you define your own queries completely.
I think this filter is just the same as before, we do queries for many
different things, like the domain object and I do not think a single
immutable filter for all queries is a great thing.
I may take time for a little analysis of our queries and see if we can
find out a reduced set of queries that perhaps combined would fulfill
all our requirements and propose a set of options to be able to
user-specify the all in smb.conf
Only, I am not sure we want to follow this path.
Samba Team GPL Compliance Officer
email: idra at samba.org
More information about the samba-technical