OpenLDAP and Samba4

Matthieu Patou mat at
Sun Apr 21 16:00:26 MDT 2013

On 04/21/2013 12:36 AM, Volker Lendecke wrote:
> On Sat, Apr 20, 2013 at 11:19:43AM -0700, Matthieu Patou wrote:
>>> and slowly but steadily migrate one module after the other into an
>>> OpenLDAP overlay.
>> Pardon my stupidity but I'm not understanding how the OL with LDB
>> this would help migrating to a mdb backend.
>> In my opinion moving to an MDB backend or samdb being an OL overlay
>> is a huge rewrite of our code, nothing impossible but I'd like to
>> remind the quote of Jeremy: "How many of you know project that have
>> succeeded doing a rewrite from scratch", because although we have
>> separate modules they are pretty much interdependent.
> So what we need is a possibly hackish way to make this work
> *now* with all the modules work on top off a slapd. If the
> transactions are a concern, hack them into an extended
> operation. Even if they stall all of the rest of OpenLDAP,
> it won't be worse than what we have now.
Can you develop this point, why the current situation is that bad ?
>   Then go and migrate
> modules step by step. At some point in the future we then
> might be able to make slapd listen itself on 389, but on the
> way there we will benefit from OpenLDAP's better database
> performance. If we have to solve module dependencies on
> their way, that's going to be good for the code.
Do not think that we have module dependencies like that just for the 
sake of being fun, part of it is dictated by the complexity of AD.


Matthieu Patou
Samba Team

More information about the samba-technical mailing list