Extending Samba4 schema

Adam Tauno Williams awilliam at whitemice.org
Tue Dec 7 08:52:19 MST 2010

On Tue, 2010-12-07 at 11:23 +0100, Angelos Oikonomopoulos wrote: 
> On 12/06/2010 04:07 PM, Adam Tauno Williams wrote:
> > On Sun, 2010-12-05 at 03:16 +0000, Andris Lismanis wrote:
> > but in the "Active Directory Schema" snap-ip the syntax for this
> > attribute appears as "Unknown".
> > In general, the more I play with it, LDB's schema handling / management
> > seems extremely fragile.
> > <http://lists.samba.org/archive/samba-technical/2010-November/074964.html>
> > <http://lists.samba.org/archive/samba-technical/2010-December/074974.html>
> Yah, this is making me have second thoughts about even /trying/ to 
> extend the s4 schema. I'm not sure if undoing any changes is going to 
> affect the AD functionality or if my changes will interfere with 
> upgradeprovision. A


> lso, the text at 
> http://wiki.samba.org/index.php/Samba4/LDAP_Backend#Schema_issues speaks 
> of conflicts between the AD schema and the typical LDAP schema :/ 

That doesn't worry me so much, I can always modify the applications to
use a more AD friendly schema.  But loosing the AD is a scary thought.

> Currently my impression is that the best bet would be setting up a proxy 
> LDAP server for keeping the additional information, so that I can be 
> sure that the AD functionality won't be affected. If someone here has 
> any better suggestions I'd be glad to hear them!

Same here.  Having a [secondary] external DSA sounds like an extra-heap
of complexity;  but S4 seems to be a pretty flaky LDAP server.

More information about the samba-technical mailing list