[SAMBA4] Schema objectGUID causing a problem with OpenLDAP backend
Matthieu Patou
mat+Informatique.Samba at matws.net
Wed Nov 18 00:32:14 MST 2009
On 18/11/2009 09:52, Andrew Bartlett wrote:
> On Wed, 2009-11-18 at 01:45 -0500, Endi Sukma Dewata wrote:
>> ----- "Howard Chu"<hyc at symas.com> wrote:
>>
>>>> We now choose the objectGUID for the schema elements. I had hoped that
>>>> the use of the 'relax' control would cause OpenLDAP to accept us
>>>> choosing the GUIDs, but apparently not.
>>>>
>>>> Howard: We need to choose the objectGUID for certain records. How do
>>>> we make OpenLDAP accept that?
>>>>
>>>> We don't strictly need this against OpenLDAP, but it's going to be be
>>>> pain to special case this.
>>>
>>> The relax control is the right answer, but the fact you got this particular
>>> error message indicates that you didn't attach the relax control to
>>> this request.
>>
>> I think we discussed about the relax control recently. At the time we
>> decided to strip the relax control from the request so it's not passed
>> to the backend:
>>
>> http://gitweb.samba.org/?p=samba.git;a=commitdiff;h=68639bfd64f063d1c6e373a2fc276b2bbb7073ca
>>
>> I think the reason was that the relax control was intended for the LDB
>> modules, not for the LDAP backend. Should we now create a distinction
>> between relax controls intended for LDB vs. backend? Or should we always
>> send it to the backend?
>
> If that's what it does, it's not the intention. I had intended to send
> it with no data.
>
> Perhaps we have the OID wrong.
The OID is 1.3.6.1.4.1.4203.666.5.12 which is LDAP_CONTROL_RELAX in
openLDAP, if I wasn't wrong it seems that this control is intended for
this job in openLDAP (the name and a quick glance at openldap code seems
to indicate so).
More information about the samba-technical
mailing list