Some remarks on Samba4 with OpenLDAP backend
Luke Howard
lukeh at padl.com
Sun Mar 22 11:20:03 GMT 2009
On 22/03/2009, at 7:05 PM, Andrew Bartlett wrote:
> On Sun, 2009-03-22 at 01:53 +1100, Luke Howard wrote:
>>> For example, Samba maintains the 'name' attribute in OpenLDAP
>>> manually
>>> (mapping it to Samba4RDN). If the backend were administered
>>> directly,
>>> nothing would keep 'name' in sync with the RDN.
>>
>> Can't you just synthesise this from the RDN in a computed attribute
>> plugin?
>
> Well, we have to be able to search on it - can you do that on a
> computed
> attribute plugin?
True, you can't, but from memory OpenLDAP allows you to search on
attribute supertypes, and "name" is a supertype of all naming
attributes (or at least the common ones).
Also, if a computed attribute is just an alias of another attribute,
then you can register a search filter rewriter
(slapi_compute_add_search_rewriter()) to do the inverse translation to
the computed attribute callback.
The replicating version of XAD did maintain "name" separately, but I
can't remember why. I think it had something to do with the attribute
metadata. But this also happened inside a plugin.
-- luke
More information about the samba-technical
mailing list