[IPA] SID allocation using DNA plugin

Andrew Bartlett abartlet at samba.org
Tue Nov 3 18:00:02 MST 2009 

On Tue, 2009-11-03 at 17:50 -0500, Endi Sukma Dewata wrote:
> Andrew,
> 
> Please take a look at the attached patch files.
> 
> The first patch contains bug fixes for some minor issues.
> 
> The second patch contains a number of additional schema mapping. When
> I tested the patches that I submitted previously, the schema mappings
> seemed to be enough for avoiding conflicts between AD schema and FDS
> schema. But now it seems there has been some changes so I have to add
> some more mappings.

OK. 

> In this patch I'm renaming some AD object classes using 'samba4' prefix
> because there are already FDS object classes with the same name/OID.
> I don't think we can just skip the AD classes and use the FDS classes
> because although they may look the same they are actually different.
> The AD classes are subclasses of samba4Top which requires AD-specific
> attributes.

I would prefer a more elegant solution.  Perhaps not loading those
classes in FDS, and allowing the FDS users to see the inheritance from
Samba4Top?  However, this is your mapping, and in the end I don't mind
how you do it (make sure you update the simple_ldap_map however!)

Renames are great where this a problem we can't solve any other way, but
I would hate to inflict Samba4* on the world where we could come up with
better solutions. 

If you are going to rename this much, then I suggest you may wish to, as
you proposed earlier, rewrite simple_ldap_map to use a real
configuration file, shared with the schema mapping code.  Otherwise,
these will get out of sync. 

> There is still another problem with the provisioning tool that I'm
> still investigating. Once this is working I will be able to look into
> the 'make test'.

Any chance you can post these (particularly the first patch) as
git-format-patch?

Thanks,

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20091104/262c99b3/attachment.pgp>

More information about the samba-technical mailing list