[IPA] SID allocation using DNA plugin
Andrew Bartlett
abartlet at samba.org
Wed Nov 4 18:26:43 MST 2009
On Wed, 2009-11-04 at 19:15 -0500, Endi Sukma Dewata wrote:
> Andrew,
>
> ----- "Andrew Bartlett" <abartlet at samba.org> wrote:
>
> > > Attach is another patch for the other problem I found during
> > > provisioning. The relax control wasn't defined in the list
> > > so the ldap_encode() failed and the request was never sent
> > > to FDS.
> >
> > OK. The patch's comment is incorrect however - it does have a network
> > representation - it is a well-known and well-defined OID for LDAP
> > network operations.
>
> So do we need to write handlers for this control?
As far as I'm aware I think it's just an OID with no data. So your
patches have been correct, except for the comment. Sorry if I was
unclear :-)
http://tools.ietf.org/html/draft-zeilenga-ldap-relax-03 section 2.
(it is unclear to me that this is the right OID for that doc, but it
will do for now).
> Or do we still want to
> remove it before sending the request to the backend (i.e. internal only)?
> Please see the updated patch.
>
> > Yes, this is the approach I was trying to head towards. Just make sure
> > we don't run the LDB specific functions when we are trying to use
> > OpenLDAP or Fedora DS.
>
> Ok, I'll try to make several incremental changes rather than one big
> change. Thanks.
Thanks.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20091105/fe086451/attachment.pgp>
More information about the samba-technical
mailing list