[Fedora-directory-devel] Fedora Directory and Samba4

Andrew Bartlett abartlet at samba.org
Wed Nov 9 03:46:13 UTC 2005 

On Tue, 2005-11-08 at 19:33 -0700, Richard Megginson wrote:
> Andrew Bartlett wrote:
> 
> >>3) Configure Samba4 to use FDS as it's database
> >>    
> >>
> >
> >This is where I want to go.  I hate 'sync' systems with a passion, so I
> >want Samba4 to use FDS as much as possible.  We can then provide KDC and
> >Windows Domain services on top of your database.
> >  
> >
> That would be our choice as well.  So how would this work?  Samba would 
> not use its built-in database, but would use FDS?  And use LDAP as the 
> interface?  

Yes.  Indeed at a very conceptual level it would be much as Samba3 can
use FDS now.

> I think you mentioned something about ldb - is that an "ldap 
> backend"?  

ldb is two things:  It is a tdb-based flat-file database with ldap
properties, and it is a LDAP client implementation behind the same
interface.  As such, we can in theory direct any database to be backed
either by LDAP (with some very large assumptions about the layout of the
ldap server, and it's behaviour) or the flat file.

The work to be done here is to define those assumptions, and determine
which side of the LDAP socket should modify the queries to make the
other side's job easier.

> One thing to keep in mind is that we do not yet have support 
> for ldapi, but I don't think it would be hard to add.

Actually, neither does Samba4 (we switched from openldap client libs to
our own, so lost that as well).  It would be very worthwhile adding to
both.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20051109/ca4cae5a/attachment.sig>

More information about the Fedora-directory-devel mailing list