AD DNS and Global sequence number implementation

Andrew Bartlett abartlet at samba.org
Mon Nov 21 22:33:25 MST 2011


On Tue, 2011-11-22 at 12:56 +1100, Andrew Tridgell wrote:
> Hi Amitay,
> 
> This is great work, thanks! 
> 
> > To overcome this problem, I have put together few patches that use a
> > TDB database (metadata.tdb) to store the sequence number. This way the
> > sequence number is independent of the partitions and survives deletion
> > of partitions.
> 
> I should also mention for the benefit of others following this thread
> that we need this change even without the bind9 work, as without it we
> will have a lot of trouble when we start supporting deleting
> partitions. We need to be able to delete application partitions, and
> also remove partitions associated with subdomains if the admin says we
> should no longer be replicating those partitions.
> 
> The method of using the sum of the partition sequence numbers as the
> overall SAM sequence number is just too fragile, and it's good for us to
> have this new approach.

I'll claim the credit for this disgusting hack, and be very glad to see
it go.

However, you cannot change ldb.h without considering the ABI and API
implications.  I'm not sure that these should never have been a part of
the public ABI and API, but once put out in public we have difficulty
removing these.  In particular, you change the value of LDB_SEQ_NEXT

I'm less concerned about the timestamp sequence number removal from
ldb_tdb, as long as the flags are retained, as you can indicate that the
sequence number was not timestamp based by not setting that flag.
However, this is a feature, and we should be cautious as to the removal.

Can you break this up into separate patches that do the dsdb work and
the base ldb work?

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org



More information about the samba-technical mailing list