lukas at dcs.qmul.ac.uk
Wed Aug 18 10:03:18 MDT 2010
Hi Metze, all
Attached is a first iteration patch to myldap-pub.py that extends and
hopefully generalises its functionality.
Without any options it should behave exactly the same as original, by
allowing to import the whole domain.
Additional options allow to fine tune various bits'n'bobs of the import
At the moment the ldap connection is performed using only simple bind.
Also the trust import is still TODO. After a brief conversation with gd
on IRC it seems that the incoming trust will be represented as a
computer account (with only [ I ] acctFlag set), but outgoing trust will
be represented differently, using differentObject class - from samba3x
schema there are two objectClasses: sambaTrustedDomainPassword and
sambaTrustPassword. Which one should we check for? Which trusts should
be imported? What would be the s4 objectClass for them?
I have also noticed that the computer account import also imports
machine accounts with [ I ] flag - is this intended behaviour? Should we
condition the import on the presence of [ W ] flag?
Any info and comments appreciated
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
More information about the samba-technical