samba4: machine and user accounts

Stefan (metze) Metzmacher metze at
Wed May 28 07:10:37 GMT 2008

Mike Wilkinson schrieb:
> Stefan (metze) Metzmacher wrote:
>> It's in the prefixMap attribute,
>> see setup/provision_schema_basedn_modify.ldif.
>> I think we need to autogenerate the base64 encoded
>> based on some plain text source, maybe a simple file
>> like this:
>> 0x00000000:
>> 0x00010000:
>> 0x00020000:
>> ....
>> What we also need is to implement the schema master role
>> completely, so that the schema can we updated at runtime
>> and a new mapping is created, but first we need to write
>> some tests to see how windows handles that.
>> Note the prefixMapping attribute is not exposed via LDAP
>> from windows hosts, the content is only accessable via the
>> DsGetNCChanges() (but not as raw blob how it is stored on the database).
> I've spent hours with gdb trying to work out what the encoding is
> supposed to be, the only thing I can see for sure are the header and the
> last few bytes of the final oid. It seems likely that we can't replace
> AD with samba4 at this point, thanks for any input up to now.

The encoding is defined in source/librpc/idl/drsblobs.idl
look for prefixMapBlob.

And a description of how the mapping works is in
source/librpc/idl/drsuapi.idl see the large comment
above drsuapi_DsReplicaOID.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url :

More information about the samba-technical mailing list