[PATCHES RESEND] idmap_rfc2307 module

Christof Schmitt christof.schmitt at us.ibm.com
Wed Aug 22 11:40:27 MDT 2012


steve <steve at steve-ss.com> wrote on 08/22/2012 05:44:55 AM:
> On 22/08/12 01:19, Christof Schmitt wrote:
> > Resending the patches since i have not seen any feedback. These
> > patches have been rebased to apply on the current master branch.
> >
> > The basic idea is to retrieve the id mapping information from RFC2307
> > LDAP records. The records can be stored in a stand-alone LDAP server
> > or in the ADS LDAP server. Patch 0007 adds a man page that should give
> > an overview.
> >
> > Feedback? What needs to be done to get this accepted in master?
> 
> Hi Christof
> 
> We can already pull all of rfc2307 from AD with winbind using the code 
> that is already in place in s3.x.

Are you referring to the SFU attributes? The idmap_rfc2307 is no
replacement for the SFU support. It retrieves the name-id mapping from
rfc2307 compliant LDAP records stored in other LDAP suffixes. There
are authentication solutions that provide directories with that
information, the new module can make use of those.

> Would your code work for Samba4, where we can't?

My focus is the smbd fileserver. If you use Samba4 as a fileserver
with the winbind from source3, you can use the new module. You cannot
use it with the Samba4 DC winbind code, as mentioned here:
https://lists.samba.org/archive/samba-technical/2012-June/084972.html

Regards,

Christof Schmitt || IBM || SONAS System Development || Tucson, AZ
christof.schmitt at us.ibm.com  ||  +1-520-799-2469  (T/L: 321-2469)



More information about the samba-technical mailing list