[Samba] Does anybody use idmap_adex?

Gerald Carter jerry at plainjoe.org
Mon Jun 28 10:00:49 MDT 2010


On 06/28/2010 10:51 AM, Volker Lendecke wrote:
> On Mon, Jun 28, 2010 at 10:37:28AM -0500, Gerald Carter wrote:

>> Sort of correct.  But these are specific OU cells and not
>> a forest wide cell.  At the risk of digressing into a Likewise
>> specific thing, an OU cell stores the meta data for objects
>> in a container inside the OU.  So you can add a user or group
>> across a one-way trust to an OU cell and the UNIX attribute
>> information is stored inside the OU in *your* domain.
>> So in this case, you don't send LDAP queries across a one-way
>> trust.  In the RFC2307 forest cell case, the UNIX attribute
>> information is stored *on* the actual user and group object.
>>
>> Idmap_adex only supported the RFC2307 forest "cell" since this
>> was easy to do using the MS "Identity Services for Unix" management
>> tools.
>>
>> Make sense?
>
> So it is just the naming of structures, routines and so on
> that points at the concept of Likewise Cells, nothing in the
> code actually references anything specific to those?

Correct.  I just reused a lot of the Likewise code here.
My intent was originally to minimize change between the
version that we shipped in Likewise Identity 4.x and what
was in Samba and to leverage the Likewise QA team on both
fronts.

I can draw you a diagram on a napkin at Samba XP next year
just for the sake of conversation and maybe explain it better.
:)



cheers, jerry
-- 
Director of Engineering                      http://www.likewise.com/


More information about the samba mailing list