[PATCHES RESEND] idmap_rfc2307 module
Christof Schmitt
christof.schmitt at us.ibm.com
Fri Aug 24 11:37:39 MDT 2012
Andrew Bartlett <abartlet at samba.org> wrote on 08/23/2012 03:21:40 PM:
> On Thu, 2012-08-23 at 15:12 -0700, Christof Schmitt wrote:
> > The main point is that the new module queries RFC2307 records for the
> > name<->id. It adds support for multiple domains and storing user and
> > group mappings in different LDAP suffixes. No other module does
> > that. idmap_nss be used only for a limited setup with only one domain.
>
> Why do you need the different suffixes, rather than just using the
> common base and a search filter?
We have seen directories where there are different records for the
same user or the same group in different parts of the LDAP
hierarchie. Using different suffixes for users and groups allows us to
point to the specific records to query.
Regards,
Christof Schmitt || IBM || SONAS System Development || Tucson, AZ
christof.schmitt at us.ibm.com || +1-520-799-2469 (T/L: 321-2469)
More information about the samba-technical
mailing list