[Samba] Samba 3.0.4 PDC w/ LDAP - XP client

Stefan G. Weichinger monitor at oops.co.at
Thu May 20 01:24:30 GMT 2004

Hello, Jérôme,

Donnerstag, 20. Mai 2004, 01:05 you wrote:

JT> Le Thu, May 20, 2004 at 12:40:10AM +0200, Stefan G. Weichinger a ecrit:
>> What about 0.8.5 ? ;-)
JT> Well, it will come in a short time i think. I just wait for some feedback
JT> about the cvs version: i added a new object called cn=sambaUnixIdPool that
JT> has the sambaUnixIdPool objectclass. This object allow to store the next
JT> uidNumber and gidNumber available when adding a new user or a new group.
JT> This is usefull for directory with large number of users. I am not sure
JT> that cn=sambaUnixIdPool is the best name for this, and i am wondering if
JT> this objectclass was initially made for this purpose (if i must remove that
JT> later because this objectclass is made for something else, i prefer to know
JT> that as soon as possible)
JT> Any comment is welcome ;-)

I don't think I am the one to comment this after spending X hours to
get my test-domain up and running ;-)

Maybe something like cn=sambaNextFreeUnixId would be clearer ... but
things mostly get clear through documentation. I don't know enough
about the sambaUnixIdPool objectclass yet. Maybe one of the team ...?

(cn=sambaUnixIdPool sounds like something static to me.)

>> As many people will take your toolset as the one to start with and
>> will take the included HOWTO as the one to follow, I would suggest to
>> modify the HOWTO to something like:
>> "As bugreport x.y.z in bugzilla.samba.org states, there are problems
>> with using the Container ou=Computers with Samba 3.0.x ... "
JT> This is present in the cvs version of the smbldap-tools documentation.

Ok. I have to get access to this version tomorrow.

JT> I was waiting for the next release to publish the cvs version as the
JT> documentation explain options that are not present in the 0.8.4 release.
JT> btw, i've updated the Samba-ldap Howto for use with samba3.

GOOD! There are still links to stuff mentioning Samba 2.2.4 ...

JT> It is
JT> essentially an update, and there are still some TODO in the documentation.
JT> A draft is available here :
JT> http://samba.idealx.org/smbldap-howto.fr.html

Quickly scanned it. Found no mentioning of the container-issue so far,
is there one? (seems to be the non-cvs-version)

Look at it from the view of the beginner. He wants to get stuff ready
to cut-and-paste-and-maybe-edit-a-BIT ... there is still the line

ldap machine suffix = ou=Computers

in it which I would change to ou=Users and clearly explain why.

Beginners are scared and don't know about LDAP and such, even if they
are capable of running Linux and Samba ... they want something to
TRUST and start with without having to know and understand every

Ok, it is possible to use suffix = ou=Computers IF YOU DO
SOMETHING-ELSE, but this should get transported to the willing user
... he does not WANT to use suffix = ou=Computers, he just wants a
PDC ...

If there are well-known issues (I found some of them via googling or
browsing my local archive of the samba-mailinglist) they should get
into the docs ...

I had to do loads of research in the last few days. And I have access
to several Samba-books here ... "Using Samba","The Official Samba-3
HOWTO And Reference Guide", "Samba Pocket Reference" 1&2, ... most of
the main obstacles I found were NOT covered in there.
(And, yes, I read the books ;-) actually I am even translating one ... )

It's all about push-versus-pull here.


Your latest HOWTO is excellent so far, I will read it in detail tomorrow and
give you feedback ... (maybe even translate it to german sometimes
later?) ...


General note on open-source-docs (please be kind, it is late and I am
not exactly fresh in my head ... this is not AT ALL offending your work !):

open-source-software offers flexibility in a way that exceeds the
scope of most people starting to use a specific open-source-software.

In the case given that means that we as open-source-developers,
-maintainers and -supporters should try to offer some quick and
general way to get things started.

(John and Jelmer have the chapter "A cure for impatience" in the
Samba-3-HOWTO, for example.)

Imagine the average MS-Windows-Domain-Admin.

(I bet this guy quits trying-to-hack-things after he fails to get LDAP
installed. Assuming he gets Linux running.)


If we (as abstract open-source-community) want to offer solutions, we
have to offer efficient, sophisticated and technically advanced stuff
(like Samba ...) as well as we have to offer ways to get started with
it in a pseudo-simple way.

You know that, otherwise you would not have started to write a HOWTO!

All this Domain-stuff is far from being trivial, I know, and I don't

I appreciate and LOVE the flexibility, power and freedom
open-source-software gives me.

But sometimes I would appreciate some easy 3-steps-to-start as well.

And I am ready and willing to contribute to get a bit closer to that.

Thanks for your work again.

With best regards,

More information about the samba mailing list