LDAP/Samba 4 summary
Howard Chu
hyc at symas.com
Tue Oct 2 20:02:58 GMT 2007
Andrew Bartlett wrote:
> (please forgive the cross-posting to subscriber-only lists)
>
> Howard Chu helpfully wrote up this summary of the meeting we held at the
> CIFS Workshop on how Samba4 should work with an LDAP backend.
>
> The background is that Samba4 increasingly needs some things that an
> LDAP server could provide for us. In the short term, we need to add
> subtree renames to ldb_tdb, but OpenLDAP's hdb already provides this for
> us.
>
> Likewise, we have a desperate need for replication (because any site in
> need of Samba4's features will want multiple DCs) - and Fedora DS's
> replication seems like a very good, solid answer. (Sadly it doesn't
> give us subtree renames...).
Multimaster replication is also in OpenLDAP 2.4 (which is currently still in
beta - we're still shaking it down, more testers would probably be helpful at
some point).
> Another feature we don't yet do schema validation in Samba4, beyond
> checking that the objectClass list is valid. We need to extend that,
> but perhaps the LDAP server could do that validation for us?
Right, since LDAP doesn't really depend on schema-aware clients this is the
LDAP server's responsibility. (As opposed to X.500, where every agent in the
system must be fully schema aware.)
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the samba-technical
mailing list