tridge at tridge at
Thu May 11 05:15:09 GMT 2006


You were right - the CLDAP server does need to be made part of the
LDAP server. A search like this proves it:

  ldbsearch -H ldap://win2003 -s base -b '' '(&(User=Adminisrator))' NetLogon currentTime

it returns the NetLogon attribute, which is normally only used on
CLDAP. So this means that CLDAP can be used to query any part of the
rootDSE, and that LDAP can be used to query the attributes normally
associated with CLDAP.

We could either implement this by making ldb calls in the cldap server
code, or by merging the cldap server code into the ldap server. We
should also allow ldbsearch to use cldap directly, so we should be
able to do:

  ldbsearch -H cldap://win2003 -s base -b '' '(&(User=Adminisrator))' NetLogon

to get the logon info.

Cheers, Tridge

More information about the samba-technical mailing list