[PATCH] Improve OpenLDAP backend
hyc at symas.com
Mon Sep 16 23:23:54 CEST 2013
> On Mon, 2013-09-16 at 10:07 -0700, Andrew Bartlett wrote:
>> These patches file off some of the rough edges around the OpenLDAP
>> backend, in particular allowing us to force DIGEST-MD5, allowing the
>> disable NTLMv2 patches to be dropped.
>> Next we just need the right patches for the slapd.conf to use mdb and
>> the right database names, and we should be at the point we got to
>> demonstrating last night.
>> Please review/merge.
>> Andrew Bartlett
> Is there any reason why we are not just using ldapi with external auth ?
> Why do we need actual authentication (besides checking uid is root) ?
That was my question too. I intend to write a patch for this; the provision
script will set a slapd authz-regexp to map the <user running provision> to
the samba-admin identity.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the samba-technical