[PATCH] s4-drs: Delete RODC filtered attributes from objects
Anatoliy Atanasov
anatoliy.atanasov at postpath.com
Tue Apr 6 04:01:35 MDT 2010
Hi Andrew,
I made some changes to the ldap backend to replace the ldb_op_default_callback with one that can handle referrals. Please review the changes here: http://git.samba.org/?p=anatoliy/anatoliy.git;a=commit;h=afaa36d0d9a9924d7439ec27c9b0b22f9aab1168
In a summary i replaced the ldb calls in ldap_server with ones that supply the right callback and context in which the referral can be returned to the client. The problem is that there are too many callbacks and checks in the way. Can I just send the referral to the first callback and skip the stack of modules in the way. Replmd module is way down the stack and there are a lot of callbacks to fix between ldap server and replmd.
Thanks,
Anatoliy
> -----Original Message-----
> From: samba-technical-bounces at lists.samba.org [mailto:samba-technical-
> bounces at lists.samba.org] On Behalf Of Anatoliy Atanasov
> Sent: Friday, March 26, 2010 14:17
> To: abartlet at samba.org
> Cc: tridge at samba.org; samba-technical at lists.samba.org
> Subject: RE: [PATCH] s4-drs: Delete RODC filtered attributes from objects
>
> Hi Andrew,
>
> Last changes are in:
> http://git.samba.org/?p=anatoliy/anatoliy.git;a=commit;h=6b71be1510f391a01
> 4347e4d4dd595294c674618
>
> > -----Original Message-----
> > From: Andrew Bartlett [mailto:abartlet at samba.org]
> > Sent: Thursday, March 25, 2010 06:02
> > To: Anatoliy Atanasov
> > Cc: tridge at samba.org; samba-technical at lists.samba.org
> > Subject: RE: [PATCH] s4-drs: Delete RODC filtered attributes from
> objects
> >
> > On Wed, 2010-03-24 at 17:47 +0200, Anatoliy Atanasov wrote:
> > > Hi Team,
> > >
> > > I am working on the check for read-only database when we are RODC. I
> > > pushed the change here:
> > >
> >
> http://git.samba.org/?p=anatoliy/anatoliy.git;a=commit;h=7004efe1a84f3f289
> > f037f282005fd89ab4b5fe0
> > > Can somebody review it? I added a check in replmd_update_rpmd. The
> > > goal is to return a referral if RODC database is being modified. The
> > > result here is that ldb_module_send_referral doesn't work as I
> > > expected and what we return is Operational Error.
> >
> > Have a look at the 'partitions' module for how to send referrals
> > correctly. Here mdw did some work to send referrals, and I hope you
> > will be able to follow the same pattern.
> The partition module returns the referrals in the callback, so I kind off
> can't get the same behavior in the replmd_modify.
>
> > In short, you need to send the referral, and the error back.
> >
> > Also, it is incorrect to do:
> >
> > req->op.search.scope == LDB_SCOPE_ONELEVEL ? "??base" : ""
> >
> > When 'req' is a modify, not a search operation.
> Fixed, but the referral value isn't propagated by ldb_module_done,
> ldb_module_send_referral and I can't figure out how to make it appear in
> the response.
>
> Any suggestions?
>
> Thanks,
> Anatoliy
>
>
> > Andrew Bartlett
> >
> > --
> > Andrew Bartlett
> http://samba.org/~abartlet/
> > Authentication Developer, Samba Team http://samba.org
> > Samba Developer, Cisco Inc.
More information about the samba-technical
mailing list