Endi's Bug 7530 patches (LDAP backend)
abartlet at samba.org
Wed Jul 7 19:15:38 MDT 2010
On Mon, 2010-06-28 at 20:41 -0400, Endi Sukma Dewata wrote:
> Hi Andrew,
> ----- "Andrew Bartlett" <abartlet at samba.org> wrote:
> > The expand_nested_groups patch will work, but I do not wish us to take
> > this approach. The LDAP backend needs to provide, one way or another,
> > this information - if we start to have fallbacks in the code, we will
> > duplicate the whole extended DN infrastructure in each caller. The
> > OpenLDAP backend provides this by a server-side module, and either
> > Fedora DS must do the same, or fake it up in a Samba module at the
> > bottom of the stack.
> Could you point me to the OpenLDAP module that handles this? Thanks!
I'm sorry, I wasn't thinking over the history here when I made this
comment, nor did I look into it properly. I get the same failure
against OpenLDAP, and Fedora DS has implemented the control required
here for quite some time now.
I'm going to debug what is really going on here today.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 190 bytes
Desc: This is a digitally signed message part
More information about the samba-technical