samba4: machine and user accounts

Andrew Bartlett abartlet at
Wed May 28 22:29:30 GMT 2008

On Wed, 2008-05-28 at 10:02 -0400, Mike Wilkinson wrote:
> Andrew Bartlett wrote:
> > It is described in drsblobs.idl
> >
> > Given that the table is not accessible from windows, I am at a loss as
> > to why Metze chose a binary encoding.  Even so, building a text
> > import/export system (along the lines of the one used for security
> > descriptors and SIDs, both of which are also binary) should not be
> > difficult. 
> >   
> Well I saw how it's represented in memory, that'd be a joy to work with, 
> it's the in-directory copy that's foxed me. I'll have a quick look at 
> the SIDs tools, see if they're using the same encoding method, and maybe 
> give it another go, but time's pressing now so it'll be quick.

I didn't mean for you do write it.  I'll see what I can do today - the
code I'm looking to match is in lib/ldb-samba/ldif_handlers.c

The 'ldif formatted' versions of these structures are human-readable
strings.  See for example how ldif_read_objectSid parsing the
string-form SID, and ldif_write_objectSid creates the human-readable

If we create functions for these, then we should be able to change the
LDIF to a human-readable structure (possibly in another file, then then
subbed in as base64 by the provision script). 

> > I'm sorry we have not been able to make this work for you in the
> > timeframe required.  If you wish to try this again in future, we would
> > very much appriciate the chance to assist, as it is real world
> > deployments that will make Samba4 stronger.
> >   
> It's not a biggie, although it would have been nice to put windows out 
> of the back office completely. I think it's just a case of too much too 
> soon. I've got another couple of bugs to post, so at the very least it 
> was good for reporting those.


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list