LDAP/Samba 4 summary

simo idra at samba.org
Tue Oct 2 20:45:26 GMT 2007

On Tue, 2007-10-02 at 13:39 -0700, Andrew Bartlett wrote:
> Yes, but we may not wish to have the backend server be as fully aware
> as
> Samba about the full monster that is the AD schema, or we may wish to
> pre-empt the backend server's response.  For example, if Samba
> implements a 'no-user-modification' attribute in a module, we will
> have
> to remove that tag from the OpenLDAP/FedoraDS schema, and prevent that
> modification ourselves. 

We will have to return an error in this case.
If we don't offload the full schema to the LDAP server I guess we will
have to implement full schema checking (may be slow but it is only used
for operations that modify the data).


Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org

More information about the samba-technical mailing list