Is there any plan to do the openldap schema extensible?

Andrew Bartlett abartlet at
Tue Aug 25 04:24:56 MDT 2009

On Mon, 2009-08-24 at 23:42 +0200, Alejandro wrote:
> I'm testing samba4 with openldap backend.I want to develop a plugin for the
> GOsa (, this poject is a manager based on the openldap
> tree.
> One of the firsts things i see that provisión generate a unique file for
> schema, doing it hard to me to integrate to other schemas...

Indeed.  Microsoft's AD schema is hard to integrate into other schemas,
and Samba4 uses the AD schema. 

> Is there any plan to make the openldap schema extensible and let it to use
> in a deployed server?

There are ways this can be done, but it's a lot of work.  For every area
where Samba4 wants to move away from what AD does, we have to implement
a mapping.  For the moment I'm encouraging those interested in admin
tools to make them work with the AD schema.  

The one project that is trying to do this is FreeIPA.  They have some
plans about how they hope to have Samba4 as a frontend, but I'm not
aware of a public page with the details (but I have a promise that such
a page will come). 

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list