why does this patch use samdb_search_count()?

Matthias Dieter Wallnöfer mdw at samba.org
Mon Nov 15 14:24:56 MST 2010


I wasn't aware of this call.

Btw. could you have some look at the ASN1-Implementation for the EXOP 
password changes control? I've already prepared something in my "exop" 
branch. But the ASN1 implementation is the stumbling block.


Andrew Bartlett wrote:
> On Mon, 2010-11-15 at 21:53 +0100, Matthias Dieter Wallnöfer wrote:
>> Andrew,
>> "ldb_dn_base_compare" doesn't work in this case. An example: assume the
>> default basedn as "dc=example,dc=com" and a certain application basedn
>> as "cn=ForestDnsZones,dc=example,dc=com". Now we do have
>> "cn=Infrastructure,cn=ForestDnsZones,dc=example,dc=com" where the object
>> classes should be changed. Well, on "ldb_dn_base_compare" it matches
>> with the application basedn *but also* with the default basedn which it
>> shouldn't. Since the object clearly isn't located in the default basedn
>> partition.
>> The rule says "objectClass" changes allowed on application partitions
>> but not on the standard ones (default, configuration, schema).
>> So, do you know a better way than "samdb_search_count"? I'm open for
>> improvements.
> Tridge pointed me at dsdb_find_nc_root().  This should do what you need.
> Do feel free to ask on the list or on IRC about things like this.
> Andrew Bartlett

More information about the samba-technical mailing list