Andrew Bartlett wrote:
Based upon your and Pete's recent emails, it seems that the schema/DIT translation would have to be done on the Samba side. That is, it doesn't sound like an LDAPv3 compliant server would be able to handle the "raw" LDAP from a Windows client. Perhaps as an ldb "plug-in"? That is, Samba would have to map the outgoing (to FDS or other ldap server) attributes/objectclasses to the more standard LDAP IETF ones. Is this something you guys already have, or does ldb already do this? Is this some code you would like some assistance with?On Tue, 2005-11-08 at 19:33 -0700, Richard Megginson wrote:Andrew Bartlett wrote:That would be our choice as well. So how would this work? Samba would not use its built-in database, but would use FDS? And use LDAP as the interface?3) Configure Samba4 to use FDS as it's databaseThis is where I want to go. I hate 'sync' systems with a passion, so I want Samba4 to use FDS as much as possible. We can then provide KDC and Windows Domain services on top of your database.Yes. Indeed at a very conceptual level it would be much as Samba3 can use FDS now.I think you mentioned something about ldb - is that an "ldap backend"?ldb is two things: It is a tdb-based flat-file database with ldap properties, and it is a LDAP client implementation behind the same interface. As such, we can in theory direct any database to be backed either by LDAP (with some very large assumptions about the layout of the ldap server, and it's behaviour) or the flat file. The work to be done here is to define those assumptions, and determine which side of the LDAP socket should modify the queries to make the other side's job easier.
One thing to keep in mind is that we do not yet have support for ldapi, but I don't think it would be hard to add.Actually, neither does Samba4 (we switched from openldap client libs to our own, so lost that as well). It would be very worthwhile adding to both. Andrew Bartlett------------------------------------------------------------------------ -- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
