OpenLDAP and Samba4

Matthieu Patou mat at matws.net
Sat Apr 20 14:34:51 MDT 2013 

On 04/20/2013 11:28 AM, Howard Chu wrote:
>
>> Date: Sat, 20 Apr 2013 16:04:46 +0200
>> From: G?mes G?za <geza at kzsdabas.hu>
>
>> 2013-04-20 12:17 keltez?ssel, Luke Howard ?rta:
>>> > On 20/04/2013, at 7:32 AM, G?mes G?za <geza at kzsdabas.hu> wrote:
>>> >
>>>>>> Sorry to express my own opinion as not a samba team member or
>>>>>> regular
> developer (few small patches doesn't count), but instead of trying to use
> OpenLDAP as a backend for samba, wouldn't be useful to try to use 
> tdb/ldb as
> the backend for OpenLDAP and to see what other changes are needed in 
> order to
> have it listen on 389/tcp and 636/tcp on behalf of Samba, something 
> like the
> s3fs setup?
>>>> That's not a bad idea: enforce the ?business logic? (i.e. SAM
> constraints, etc) in the actual backend database itself, rather than 
> in the
> layer between the protocol and the backend database. (We did something
> similar, but much simpler, with the NetInfo backend for OpenLDAP some 
> years ago.)
>>>>
>>>> However: Howard and the OpenLDAP team have invested a lot in backend
> database design (see back-mdb) and I would expect they'd like to leverage
> this, not just the protocol front-end.
>>> >
>>> > -- Luke
>
>> Switch from tdb to mdb perhaps?
>
> (mdb is now called LMDB, to avoid confusion with Microsoft Access mdb 
> etc.)
>
> This has been discussed privately. It is unfortunately not a slam dunk 
> today due to concerns about 32 bit compatibility. Since LMDB works by 
> directly referencing data thru a memory map, it can't manage more than 
> ~2GB on a 32 bit machine. This has not been a concern to us in 
> OpenLDAP because most server deployments are on 64 bit hardware these 
> days. The notable exception, smartphones, rarely have databases bigger 
> than a few MB in size.
>
> We recognize that LMDB may not be practical for some 32 bit embedded 
> servers that Samba targets. We anticipate that 64 bit ARM will replace 
> these devices soon and the problem 
I'm not sure a lot of persons targets AD DC on 32 bit systems, still 2G 
database means hundreds of users so it could be still meaningful for 
small appliances using 32 bit ARM.

Matthieu.

More information about the samba-technical mailing list