Re: [Fedora-directory-devel] [SAMBA4] Fedora DS backend to Samba4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Andrew Bartlett wrote:

I've been working to allow Fedora DS to backend Samba4, much as OpenLDAP
can.  This, I hope, will bring us the benefits of a replicated backend
between Samba4 servers.

To set this up, I've placed some notes in setup/fedora-ds-init.ldif and
extended the provision script.  The provision now succeeds, and Win2k3
can join and log into the Samba4/FDS domain.

Excellent!

The next step is to test the Fedora DS backend in our 'make test'
script.  For that, I'll need some help.  I need to automatically
configure and start fedora DS, from within the test scripts.  I
understand some testing scripts to do this exist...
Basically, you create a .inf file, and pass this file to bin/slapd/admin/bin/ds_create or ds_newinst.pl - see http://directory.fedora.redhat.com/wiki/Install_Guide#Creating_an_instance_if_using_just_the_core_DS 
To integrate such scripts with Samba4, I need a few things:
Ideally it would bind to an ldapi:// socket (this is redhat bug 219573: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219573 ), but for now a high port would do. 
Likewise, it would be ideal if fedora DS could terminate with the
process group, so we don't risk leaving ldap servers around after a
failed test.
You can start the server with the "-d 0" argument - this causes the server to not detach from the controlling terminal. 
Finally, I need USN support in Fedora DS, or something very much like
the contextCSN attribute in OpenLDAP.  (With a way to obtain a highest
value, preferably also a way to get a 'new' value too).
Do you need this to work even if the server does not participate in replication? CSNs are only generated if the server is configured to participate in replication. 
Later, we need to figure out how ACLs should behave for all our
backends.

Andrew Bartlett
------------------------------------------------------------------------ 

--
Fedora-directory-devel mailing list
Fedora-directory-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-devel

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

--
Fedora-directory-devel mailing list
Fedora-directory-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-devel
[Index of Archives]     [Fedora Directory Announce]     [Fedora Users]     [Older Fedora Users Mail]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Review]     [Fedora Art]     [Fedora Music]     [Fedora Packaging]     [CentOS]     [Fedora SELinux]     [Big List of Linux Books]     [KDE Users]     [Fedora Art]     [Fedora Docs]

  Powered by Linux