[Patch] Add an idmap implementation to winbind
simo
idra at samba.org
Fri Feb 15 14:20:30 GMT 2008
On Fri, 2008-02-15 at 08:19 +0100, Stefan (metze) Metzmacher wrote:
> simo schrieb:
> > On Fri, 2008-02-15 at 07:48 +0100, Stefan (metze) Metzmacher wrote:
> >>> You can start with just using the default partition imo, we will se if
> >>> there is any reason to split it in a separate one.
> >>> sam.ldb will require schema though.
> >> And that's bad, we need work without any schema changes!
> >
> > What's the problem with additional schema ?
>
> I want to be able to join an existing sub-domain as DC without
> the need to change the schema of the whole forest.
We do not need it always, only when we are a domain member, probably.
> And we also don't need idmap in all cases, if we're a DC only
> and don't use the unixid NTVFS module on the SYSVOL/NETLOGON share.
In this case we wont need any schema extension.
Another thing we might explore is to store data in the application
partition, we can do that without changing the schema, although I do not
like the solution too much, it sill allows to use idmapping without
schema changes and have data replicated.
I guess we will return on this later.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>
More information about the samba-technical
mailing list