Hooking a program on AD event

Stefan (metze) Metzmacher metze at samba.org
Fri Apr 3 07:11:53 GMT 2009

Michael Ströder schrieb:
> Luke Howard wrote:
>> On 02/04/2009, at 10:41 PM, Sassy Natan wrote:
>>> If you using Samba4 with OpenLDAP Backend then you can use
>>> the slapo-accesslog(5) overlay, and watch the status of the accesslog
>>> database.
>>> when a new object is created (for example a workstation) in some
>>> container
>>> in the LDAP, then you can run your script.
>> If you're using OpenLDAP, you can just write an overlay or SLAPI plugin.
> Another option would be to implement a syncrepl client accessing the
> OpenLDAP backend for retrieving changes. (This gets rather a topic for
> the openldap-software mailing list though.)
> All scenarios require that one has access to the OpenLDAP backend server
> and fully understand the schema-quirks done inside smbd for mapping the
> MS AD schema to the Samba4 schema in OpenLDAP. That's something Andrew
> Bartlett didn't like. But personally I think it's needed.
> Review the discussion, in particular my reply:
> http://lists.samba.org/archive/samba-technical/2009-March/063757.html

A combination of the LDAP_SERVER_NOTIFICATION_OID and
LDAP_SERVER_DIRSYNC_OID controls would also work against windows
servers. (But we don't support them yet in samba4)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20090403/acb79199/signature.bin

More information about the samba-technical mailing list