[PATCH] s4-drs: Set default RODC filtered attribute set
Fernando J V da Silva
fernandojvsilva at yahoo.com.br
Thu Feb 18 15:13:07 MST 2010
Hi!
This small patch sets the correct bits on searchflags to make some
attributes part of the RODC filtered attribute set (I do it on
MS-AD_Schema_2K8_R2_Attributes.txt and
MS-AD_Schema_2K8_R2_Classes.txt, so it is set during provision.
Please, let me know if any of you think it isn't nice ...). This patch
is also available at my repository in repo.or.cz, at rodc branch.
I also wrote a function to make any schema attribute as part of the
RODC filtered attribute set, but I don't know where exactly in S4 code
I should put it ... Should I put it in some existing tool (perhaps
like ldbmodify ...), so it would set an attribute as part of RODC
filtered set if some specific option is mentioned on command line? Or
should I create another tool (some kind of "admin tool") and put it
there? (hoping that more helping functions would also be added to such
tool on the future ...).
Another option would be discard such function, then the user should
add an attribute to the RODC filtered set by setting the flags
manually through ldbmodify, just like the recomended on microsoft
documentation: http://technet.microsoft.com/en-us/library/cc772331(WS.10).aspx
Cheers,
--
Fernando J V da Silva
M Sc Computer Science Student
Institute of Computing, State University of Campinas
+55 15 8801-2165
2010/2/11 Anatoliy Atanasov <anatoliy.atanasov at postpath.com>:
> Sounds good to me :), I am still working on join as RODC task.
>
>> -----Original Message-----
>> From: fernandojvdasilva at gmail.com [mailto:fernandojvdasilva at gmail.com] On
>> Behalf Of Fernando J V da Silva
>> Sent: Thursday, February 11, 2010 19:13
>> To: Anatoliy Atanasov; samba-technical at lists.samba.org
>> Cc: abartlet at samba.org
>> Subject: Re: s4-drs: Working on Support RODC
>>
>> Hi Anatolyi! Thanks for reply!
>>
>>
>> 2010/2/11 Anatoliy Atanasov <anatoliy.atanasov at postpath.com>:
>> > I just started doing that and I just managed to gather some tasks and I
>> published them on the DRS_TODO list. Currently I am working on joining
>> Samba as RODC using the libnet_Become_dc code; I saw that I can't do it by
>> just modifying the ./setup/provision script :). So there is a lot that you
>> can do, just pick one and give it a try and tell me how it goes :) The
>> credential caching is Andrew Bartlett field of expertise so you might want
>> to safe that for him.
>>
>> Ok! So I think I'm going to try the "Support for the RODC filtered
>> attribute set" task (if you haven't worked on it while working on
>> joining Samba as RODC ...).
>>
>> I'm trying to write a function to add an attribute to the set of RODC
>> filtered ones (I suppose that perhaps it could be called by some kind
>> of "admin tool" (or even ldbadd, ldbmodify or ldbedit ... ) to avoid
>> the direct modify on the attribute schema, like described at
>> http://technet.microsoft.com/en-us/library/cc772331(WS.10).aspx and
>> also could be called by any function that wants to add an attribute to
>> the set of RODC filtered ... ). Do you think that it would be ok?
>>
>> Regards,
>>
>> --
>> Fernando J V da Silva
>> M Sc Computer Science Student
>> Institute of Computing, State University of Campinas
>> +55 15 8801-2165
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s4-drs-Set-default-RODC-filtered-attribute-set.patch
Type: text/x-patch
Size: 2221 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100218/de300afd/attachment.bin>
More information about the samba-technical
mailing list