Matthieu Patou mat+Informatique.Samba at matws.net
Fri Jan 30 22:19:49 GMT 2009

Dear all,

It seems that this part is missing in the samba4 implementation of 
microsoft AD.
In fact a quick look at configuration (CN=Configuration,dc=smb4,dc=tst) 
naming context reveal that those containers are missing:

* Schema
* Physical Locations
* NTDS Quotas
* LostAndFoundConfig
* ForestUpdates
* Extended-Rights

Of all of theses the Extended Rights is the most important and is used 
by the Active Directoy User and Computer tools to define more precisely 
which rights a user/group is granted !
I guess It's quite simple to make an extraction of a W2K, W2K3 or W2K8 
server and get a dump of this container (and other as well).
Have I the right to do so ?
I am ready to make an extraction program and generate a dump of those 
container, to which provision_xxx.ldif this dump should be added ?

And after this I guess rights can easily be granted but until something 
in the code do checking against those rights nothing will happen. Am I 
right ?


More information about the samba-technical mailing list