[IPA] SID allocation using DNA plugin

Endi Sukma Dewata edewata at redhat.com
Fri Nov 13 18:53:18 MST 2009


Please take a look at the attached patch. For now I have reverted
the changes on the modules list back to the original.

I also removed the dnaMaxValue parameter of the DNA plugin, it
shouldn't be there in the first place.

I've run the quicktest with the default, FDS, and OpenLDAP backends
and they all passed successfully.

Please let me know if there's anything else I need to change. I've
also pushed this patch into this repository:


Endi S. Dewata

----- "Andrew Bartlett" <abartlet at samba.org> wrote:

> On Thu, 2009-11-12 at 22:26 -0500, Endi Sukma Dewata wrote:
> > Andrew,
> > 
> > Please take a look at the attached patch.
> > 
> > For now the schemaIdGuid is generated using SHA256. If we want to
> > replace it with another mechanism I think we could do it in another
> > patch.
> > 
> > Now the code generates 2 Schema objects:
> > - AD schema only. This one is created in provision().
> > - AD schema + backend-specific schema. This one is created in
> >   OpenLDAPBackend and FDSBackend classes.
> > 
> > As mentioned earlier, I removed the changes to schema_syntax.c.
> > I also moved the lists of LDB modules for SAM database into the
> > backend classes.
> > 
> > Are these ok? Thanks!
> We actually need to move the modules list out of provision (and the
> databases we provision) and into the C code.  Otherwise, we keep
> having
> to re-provision just because I decided to change a module's name. 
> In the meantime, can we keep the whole module list in one place?  I
> don't mind if it moves, but otherwise it's hard to visualise the
> whole
> list. 
> Andrew Bartlett
> -- 
> Andrew Bartlett                               
> http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
> Samba Developer, Cisco Inc.

More information about the samba-technical mailing list