[Samba] Request to update slapd.conf and OpenLDAP info for Samba-Guide/happy.html

John H Terpstra jht at samba.org
Wed Mar 2 15:16:16 GMT 2005


The book "Samba-3 by Example" was written at the time Samba-3.0.2 was just 
released. At that time (February 2004) the version of OpenLDAP that were 
shipping on SuSE Linux Enterprise Server and on Red Hat Enterprise Linux used 

I agree entirely that this needs to be updated, in fact, it is necessary also 
to update all references to the smbldap-tools as well as many other subtle 
factors that have changed in Samba between Samba-3.0.2 and 3.0.12 (the soon 
to be released version).

I will update the entire book at the first opportunity I get. If you wish to 
submit patches I would be most appreciative.

John T.

On Wednesday 02 March 2005 03:24, Gavin Henry wrote:
> Dear Team,
> The OpenLDAP stuff on this page:
> http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html
> is not the preferred backend, i.e. ldbm, it really, really needs to be bdb.
> See:
> http://www.openldap.org/faq/index.cgi?_highlightWords=bdb%20ldbm&file=1085
> "ldbm uses a neutral storage interface which in principle could wrap dbm,
> ndbm, gdbm or sleepycat as underlying storage; however, only Sleepycat is
> considered a reliable choice, so bdb offers more interesting features
> (ACID). Eventually it will disappear."
> And:
> http://www.openldap.org/faq/data/cache/756.html
> "With back-ldbm, there is no fine-grain database locking. This means write
> operations are serialized. And while multiple read operations may be
> performed concurrently, they cannot be performed concurrently with any
> write operation. Additionally, LDBM databases cannot be accessed by only
> one program at a time (generally at the file level). (While one may be
> able to bypass the locking mechanism, you will likely corrupt the database
> (and/or obtain bogus information).)
> With back-bdb, databases are locked on a page level, which means that
> multiple threads (and processes) can operate on the databases
> concurrently. In OpenLDAP 2.1.4 we lifted the restriction against using
> the slap tools while slapd is running on back-bdb. You can perform online
> backups using slapcat or BDB's db_dumputility without interrupting your
> LDAP service. You still must not use slapadd or slapindex while slapd is
> running (due to application-level caching in slapd(8))."
> Point to highlight for disaster recovery:
> "You can perform online backups using slapcat or BDB's db_dumputility
> without interrupting your LDAP service."
> Therefore,
> can we update it for this and all the configuration that goes with using a
> bdb backend?
> I feel we are not doing the Samba community justice, if we are telling
> them to use lbdm.
> Thanks.
> --
> Kind Regards,
> Gavin Henry.
> Managing Director.
> T +44 (0) 1224 279484
> M +44 (0) 7930 323266
> F +44 (0) 1224 742001
> E ghenry at suretecsystems.com
> Open Source. Open Solutions(tm).
> http://www.suretecsystems.com/

John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.

More information about the samba mailing list