[Patch] myldap-pub.py

Lukasz Zalewski lukas at dcs.qmul.ac.uk
Wed Aug 18 10:03:18 MDT 2010

Hi Metze, all
Attached is a first iteration patch to myldap-pub.py that extends and 
hopefully generalises its functionality.
Without any options it should behave exactly the same as original, by 
allowing to import the whole domain.

Additional options allow to fine tune various bits'n'bobs of the import 

At the moment the ldap connection is performed using only simple bind.

Also the trust import is still TODO. After a brief conversation with gd 
on IRC it seems that the incoming trust will be represented as a 
computer account (with only [ I ] acctFlag set), but outgoing trust will 
be represented differently, using differentObject class - from samba3x 
schema there are two objectClasses: sambaTrustedDomainPassword and 
sambaTrustPassword. Which one should we check for? Which trusts should 
be imported? What would be the s4 objectClass for them?

I have also noticed that the computer account import also imports 
machine accounts with [ I ] flag - is this intended behaviour? Should we 
condition the import on the presence of [ W ] flag?

Any info and comments appreciated


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: myldap-pub.ldif
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100818/9c6bedf3/attachment.ksh>

More information about the samba-technical mailing list