msDS-isRODC implementation
Anatoliy Atanasov
anatoliy.atanasov at postpath.com
Thu Apr 29 04:29:30 MDT 2010
> -----Original Message-----
> From: Andrew Bartlett [mailto:abartlet at samba.org]
> Sent: Thursday, April 29, 2010 13:22
> To: Anatoliy Atanasov
> Cc: samba-technical at samba.org
> Subject: Re: msDS-isRODC implementation
>
> On Thu, 2010-04-29 at 12:18 +0300, Anatoliy Atanasov wrote:
> > Hi Andrew,
> >
> > I pushed the implementation of msDS-isRODC here:
> http://git.samba.org/?p=anatoliy/anatoliy.git;a=shortlog;h=refs/heads/wip_
> msds_isrodc
> > Please take a look at construct_msds_isrodc_with_dn. There i get the
> objectCategory for the object for which i have to construct msDS-isRODC
> and then i do another search on the schema for the distinguishedName of
> the nTDSDSA class.
> > Is there a way to optimize the second read? Get the distinguishedName
> from schema cache, probably?
>
> Yes, you can look up the schema by objectCategory DN - just get the
> first component an use dsdb_class_by_cn()
Yeah, i used similarly dsdb_class_by_lDAPDisplayName but the dsdb_class struct doesn't have distinguishedName attr in it. The closes thing to DN is defaultObjectCategory, and at the end I need the DN only.
> If you also searched on objectCategory in the first search, then for
> that case you should be able to avoid the second search entirely for
> computer account objects.
How can I request objectClass and ObjectCategory at the same time, I thought in the search_sub struct in operational.c one can get only one attr per request, that is why I specified objectClass, so I can get it in the callback.
> Andrew Bartlett
>
> --
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Cisco Inc.
More information about the samba-technical
mailing list