[SAMBA4] Help wanted towards AD schema
Andrew Bartlett
abartlet at samba.org
Fri Mar 20 09:50:52 GMT 2009
I wondered if someone would like to take on this challenge, to assist us
moving to a full AD schema.
To do this, we need:
- When a new schema class is added, we must fill in some of the
'automatic' attributes. For example, it seems that adminDescription and
adminDisplayName are set the same as 'CN'.
- MS-ADTS 3.1.1.2.3.2 says that if the mapiID is set to
1.2.840.113556.1.2.49 then it is autogenerated
- MS-ADTS 3.1.1.2.3.4 specifies ldapDisplayName generation
and of course, anything else AD does.
See dsdb/sambdb/ldb_modules/samldb.c for where we do similar things for
users and groups. The code to handle this should be added there.
We also need the attribute possibleInferiors on classes to be
autogenerated per the rules in MS-ADTS 3.1.1.4.5.21. Perhaps
schema_fsmo.c might be the right place to do this.
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20090320/39132f34/attachment.bin
More information about the samba-technical
mailing list