Re-engaging the Samba4 LDAP backend
abartlet at samba.org
Sun Apr 4 19:22:51 MDT 2010
On Tue, 2010-03-30 at 19:47 +0200, Oliver Liebel wrote:
> Am 30.03.2010 03:53, schrieb Andrew Bartlett:
> > - Transaction support. While most of the transaction-aware tasks in
> > Samba have now been either pushed off as 'too hard on LDAP' or into
> > modules that are now in the LDAP backend, we still do need transactions
> > over LDAP.
> AFAIK protocol-based transaction support is on the roadmap for OL 2.5.
> > - A way to easily detect that we have OpenLDAP or Fedora DS installed
> > on the system, and what it's version is. Once we have that, we could
> > start trying to run at least some of Samba4's tests against such a
> > backend regularly (and stop breaking it so often).
> just to focus OL, the binary path will differ from
> distro to distro, e.g. debian: /usr/sbin/slapd, suse:
> and "regular" standalone will be /usr/local/libexec/slapd.
> to guess a setup-type (and the according path), a provision.conf-File
> could be
> a start (see "ldap-distro=" below).
I would rather just have our test system try the usual locations, and
otherwise just skip LDAP backend tests.
> > To address a broader range of use cases, I'm looking forward to the work
> > Endi has promised for a 'ldap backend config file' as input to
> > provision. Hopefully this will reduce the options we have to present to
> > users on the provision command line.
> as i already mentioned a few weeks ago in another thread,
> one goal for future s4-releases should be to minimize the necessary
> during provision - means: no need to create a (complex) provision
> string, especially
> with backend-params like ol-mmr.
> an enhancement/simplification could be to put _all_ provision-settings
> (not only the backend params)
> in a "normal" linux-conf-style file, thats basically
> syntax/value-checked when
> starting provision (e.g.: provision -f provision.conf) , before the
> params are applied
> to the procedures inside provision.py/provisionbackend.py.
I should have mentioned my view on this earlier. I do *not* support
moving to a config file for a 'normal' install. Most users just need
to ./provision --realm= --domain= --server-role=
I do support the use of an INI format external file for LDAP backend use
cases. The use of an INI format file is consistent with the rest of
I hope this clarifies my position on this.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 190 bytes
Desc: This is a digitally signed message part
More information about the samba-technical