Pseudobacklinks in samba4
abartlet at samba.org
Sun May 22 23:13:54 MDT 2011
On Mon, 2011-05-23 at 00:05 +0400, Matthieu Patou wrote:
> I just pushed in my repo at
> Pseudo backlinks are a way to do fake linked attributes on attribute
> with a DN like syntax but that are not linked attribute.
> The main interest of this is that if the DN pointed by this attribute
> change then thanks to the pseudobacklink we will be able to change the
> value in the attribute as well.
> This can be very useful when removing a DC or when changing the site of
> a DC and surely in other case that we don't envision yet.
> I tried to be very cautious on this patches (as usual) but a small
> review wouldn't hurt I think !
s4-dsdb: do not allow search on @ attributes and don't return them
This is O(n^3) and not safe, as far as I can see it.
If you used ldb_msg_remove_element() you could make it only O(n^2) and
potentially safe (knowing to repeat the index each time you remove it,
due to the internal memmove()).
We do need to move to a 'mark as deleted' scheme here, as this is one of
our nastiest little traps in the ldb API, but for now you have to work
s4-dsdb: Add a warning about dsdb_module_rename that locks if olddn ==
Is this bug new, or exposed by your tests, or? We should not use FIXME
as a bug tracking system, but actually fix the code if at all possible,
otherwise error out early.
s4-dsdb: In rootdse module, catch rename on any DN that has an impact on
our NTDS Setting dn
We should more dynamically determine this, I think, perhaps based on a
stored GUID (which should not change). We have gradually moved from
having static strings in @ROOTDSE to dynamic lookup, and this is just
another step in that direction.
(this also applies to all the other changes that modify @ROOTDSE).
Let me know if you need any more clarification on these comments, and
thanks for all your hard work on this, we had left this important detail
to one side for too long.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical