OpenLDAP and Samba4
lukeh at padl.com
Sat Apr 20 04:17:44 MDT 2013
On 20/04/2013, at 7:32 AM, Gémes Géza <geza at kzsdabas.hu> wrote:
> Sorry to express my own opinion as not a samba team member or regular developer (few small patches doesn't count), but instead of trying to use OpenLDAP as a backend for samba, wouldn't be useful to try to use tdb/ldb as the backend for OpenLDAP and to see what other changes are needed in order to have it listen on 389/tcp and 636/tcp on behalf of Samba, something like the s3fs setup?
That's not a bad idea: enforce the “business logic” (i.e. SAM constraints, etc) in the actual backend database itself, rather than in the layer between the protocol and the backend database. (We did something similar, but much simpler, with the NetInfo backend for OpenLDAP some years ago.)
However: Howard and the OpenLDAP team have invested a lot in backend database design (see back-mdb) and I would expect they'd like to leverage this, not just the protocol front-end.
More information about the samba-technical