[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha7-2090-g23b501e
Andrew Bartlett
abartlet at samba.org
Sun Jun 7 09:30:37 GMT 2009
On Sat, 2009-06-06 at 06:10 -0500, Volker Lendecke wrote:
> The branch, master has been updated
> via 23b501e02a15fe94e807e279c224e5657ce47af2 (commit)
> via 256b227b27b599fffe5746bae7132a27e2c59dd4 (commit)
> via 1769c8d81b8b4ad7bae77fabce2bf2051a7d32c1 (commit)
> via 7194937eea7f12a9408655654777fe19832e338a (commit)
> from 0e261d0e9c89ff11dc37b2bfd70c74c3a06486bd (commit)
>
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
>
>
> - Log -----------------------------------------------------------------
> commit 23b501e02a15fe94e807e279c224e5657ce47af2
> Author: Volker Lendecke <vl at samba.org>
> Date: Sat Jun 6 11:25:02 2009 +0200
>
> Add an early prototyp of pdb_ads.c.
>
> The purpose of this module is to connect to a locally running samba4 ldap
> server for an alternative "Franky" setup. Right now it contains a couple of
> gross hacks: For example it just takes the s4-chosed RID directly as uid/gid...
>
> Checking in tldap and pdb_ads now, I think 3777 insertions are enough for a
> start...
I think this is a really interesting idea. I've for a long time wanted
to see an passdb module using the ADS schema, but never had the reason
to implement it.
> commit 256b227b27b599fffe5746bae7132a27e2c59dd4
> Author: Volker Lendecke <vl at samba.org>
> Date: Fri May 29 10:48:54 2009 +0200
>
> Allow access as SYSTEM on a privileged ldapi connection
>
> This patch creates ldap_priv/ as a subdirectory under the private dir with the
> appropriate permissions to only allow the same access as the privileged winbind
> socket allows. Connecting to ldap_priv/ldapi gives SYSTEM access to the ldap
> database.
Rather than this, I would really prefer to implement the EXTERNAL bind
with the unix credential passing system. This would better match the
behaviour of other LDAP servers (such as OpenLDAP and Fedora DS).
> commit 1769c8d81b8b4ad7bae77fabce2bf2051a7d32c1
> Author: Volker Lendecke <vl at samba.org>
> Date: Sat Jun 6 12:32:46 2009 +0200
>
> Add some samba-style tldap utility functions
>
> commit 7194937eea7f12a9408655654777fe19832e338a
> Author: Volker Lendecke <vl at samba.org>
> Date: Sat Jun 6 12:30:57 2009 +0200
>
> Add the early start of an async ldap library
>
> There's a lot of things this does not do yet: For example it does not parse the
> reply blob in the sasl bind, it does not do anything with controls yet, a lot
> of the ldap requests are not covered yet. But it provides a basis for me to
> play with a pdb_ads passdb module.
Perhaps I'm missing something, but rather than build yet another LDAP
lib from scratch, why not just use async LDB and it's ldb_ildap?
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20090607/f096ee53/attachment.bin
More information about the samba-technical
mailing list