[Fedora-directory-devel] [SAMBA4] Fedora DS backend to Samba4

Richard Megginson rmeggins at redhat.com
Wed Jan 3 14:52:42 GMT 2007

Andrew Bartlett wrote:
> I've been working to allow Fedora DS to backend Samba4, much as OpenLDAP
> can.  This, I hope, will bring us the benefits of a replicated backend
> between Samba4 servers.
> To set this up, I've placed some notes in setup/fedora-ds-init.ldif and
> extended the provision script.  The provision now succeeds, and Win2k3
> can join and log into the Samba4/FDS domain.
> The next step is to test the Fedora DS backend in our 'make test'
> script.  For that, I'll need some help.  I need to automatically
> configure and start fedora DS, from within the test scripts.  I
> understand some testing scripts to do this exist...
Basically, you create a .inf file, and pass this file to 
bin/slapd/admin/bin/ds_create or ds_newinst.pl - see 
> To integrate such scripts with Samba4, I need a few things:
> Ideally it would bind to an ldapi:// socket (this is redhat bug 219573: 
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219573 ), but for
> now a high port would do.  
> Likewise, it would be ideal if fedora DS could terminate with the
> process group, so we don't risk leaving ldap servers around after a
> failed test.
You can start the server with the "-d 0" argument - this causes the 
server to not detach from the controlling terminal.
> Finally, I need USN support in Fedora DS, or something very much like
> the contextCSN attribute in OpenLDAP.  (With a way to obtain a highest
> value, preferably also a way to get a 'new' value too).
Do you need this to work even if the server does not participate in 
replication?  CSNs are only generated if the server is configured to 
participate in replication.
> Later, we need to figure out how ACLs should behave for all our
> backends.
> Andrew Bartlett
> ------------------------------------------------------------------------
> --
> Fedora-directory-devel mailing list
> Fedora-directory-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20070103/f534cdfc/smime.bin

More information about the samba-technical mailing list