[PATCH] Improve OpenLDAP backend
Howard Chu
hyc at symas.com
Mon Sep 16 23:23:54 CEST 2013
Simo wrote:
> On Mon, 2013-09-16 at 10:07 -0700, Andrew Bartlett wrote:
>> These patches file off some of the rough edges around the OpenLDAP
>> backend, in particular allowing us to force DIGEST-MD5, allowing the
>> disable NTLMv2 patches to be dropped.
>>
>> Next we just need the right patches for the slapd.conf to use mdb and
>> the right database names, and we should be at the point we got to
>> demonstrating last night.
>>
>> Please review/merge.
>>
>> Andrew Bartlett
>
> Is there any reason why we are not just using ldapi with external auth ?
> Why do we need actual authentication (besides checking uid is root) ?
That was my question too. I intend to write a patch for this; the provision
script will set a slapd authz-regexp to map the <user running provision> to
the samba-admin identity.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the samba-technical
mailing list