[Fedora-directory-devel] [SAMBA4] Fedora DS backend to Samba4
Richard Megginson
rmeggins at redhat.com
Wed Jan 3 14:52:42 GMT 2007
Andrew Bartlett wrote:
> I've been working to allow Fedora DS to backend Samba4, much as OpenLDAP
> can. This, I hope, will bring us the benefits of a replicated backend
> between Samba4 servers.
>
> To set this up, I've placed some notes in setup/fedora-ds-init.ldif and
> extended the provision script. The provision now succeeds, and Win2k3
> can join and log into the Samba4/FDS domain.
>
Excellent!
> The next step is to test the Fedora DS backend in our 'make test'
> script. For that, I'll need some help. I need to automatically
> configure and start fedora DS, from within the test scripts. I
> understand some testing scripts to do this exist...
>
Basically, you create a .inf file, and pass this file to
bin/slapd/admin/bin/ds_create or ds_newinst.pl - see
http://directory.fedora.redhat.com/wiki/Install_Guide#Creating_an_instance_if_using_just_the_core_DS
> To integrate such scripts with Samba4, I need a few things:
>
> Ideally it would bind to an ldapi:// socket (this is redhat bug 219573:
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219573 ), but for
> now a high port would do.
>
> Likewise, it would be ideal if fedora DS could terminate with the
> process group, so we don't risk leaving ldap servers around after a
> failed test.
>
You can start the server with the "-d 0" argument - this causes the
server to not detach from the controlling terminal.
> Finally, I need USN support in Fedora DS, or something very much like
> the contextCSN attribute in OpenLDAP. (With a way to obtain a highest
> value, preferably also a way to get a 'new' value too).
>
Do you need this to work even if the server does not participate in
replication? CSNs are only generated if the server is configured to
participate in replication.
> Later, we need to figure out how ACLs should behave for all our
> backends.
>
> Andrew Bartlett
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-devel mailing list
> Fedora-directory-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20070103/f534cdfc/smime.bin
More information about the samba-technical
mailing list