[Samba] samba4 schema for openldap

Rowland penny rpenny at samba.org
Thu Dec 17 19:01:19 UTC 2015 

On 17/12/15 18:53, Таболин Юрий wrote:
> 17.12.2015 0:27, Rowland penny пишет:
>> On 16/12/15 20:40, Таболин Юрий wrote:
>>> 16.12.2015 22:47, Rowland penny пишет:
>>>> On 16/12/15 19:35, Rowland penny wrote:
>>>>> On 16/12/15 19:02, Таболин Юрий wrote:
>>>>>> Hi all.
>>>>>>
>>>>>> I have samba 4.2.3 on freebsd 10.1 server. There are three DC and 
>>>>>> about 350 PC on domain. I wrote earlier that samba4 ldap 
>>>>>> performance is not enough for me. Now I want to try a server in 
>>>>>> the middle with openldap pcache - ldap cache proxy function. But 
>>>>>> it only works with appropriate openldap schema. Where I can find 
>>>>>> samba4 openldap schema? I'm going to cache simple queries such as
>>>>>>
>>>>>> (&(objectClass=user)(sAMAccountName=username))
>>>>>>
>>>>>> I will have enough and the simplified schema. Thanks!
>>>>>>
>>>>>>
>>>>>
>>>>> Not sure there is one, there is some work going on to get samba4 
>>>>> working with LDAP instead of the builtin ldap server, but it has 
>>>>> gone quiet lately, not this means anything really. I understand 
>>>>> that initially, Samba tried to use LDAP but could not get it to 
>>>>> work, so had to go with their own built in ldap server. If you 
>>>>> want to attempt something, you could do worse than looking in the 
>>>>> setup directory that samba installs.
>>>>>
>>>>> Rowland
>>>>>
>>>>
>>>> And then after I posted. I thought, I wonder if he didn't actually 
>>>> mean the AD schema, so did a quick google and within 10 seconds I 
>>>> found this: https://haroonferoze.wordpress.com/2012/11/26/openldap/
>>>>
>>>> Rowland
>>>>
>>>>
>>> I have seen this article earlier, but there is setup only proxy 
>>> without cache. Similarinstructionshere 
>>> https://wiki.samba.org/index.php/OpenLDAP_as_proxy_to_AD . That's 
>>> not whatI need.
>>>
>>>
>>>
>>>
>>
>> OK, a bit more googling, turned this up, but it in japanese: 
>> http://www.hanabusa.net/intra/ldapcache.html
>>
>
> Big thanks! It very helps for me. I don’t understand japanese, but 
> there is a link to ad.schema file. I have done some modifications on 
> it and it works for me.
>

I had a 'play' with it and yes it does seem to work, though I had to 
source some extra info elsewhere.
Fairly typical for online howtos :-)

Rowland

More information about the samba mailing list