Extending Samba4 schema

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Extending Samba4 schema

Andris Lismanis
Hi,


Following on from 'http://lists.samba.org/archive/samba-technical/2010-November/074786.html' thread, I have come across another problem. I have been playing with Samba4 and Zarafa integration. I have managed to extend most of attributes with exception of few. Samba4 ldb seems to crash when importing the following type of attribute:

dn: CN=Zarafa-Send-As,<SchemaContainerDN>

changetype: add

adminDisplayName: Zarafa-Send-As

attributeID: 1.3.6.1.4.1.26278.1.1.2.4

attributeSyntax: 2.5.5.1

cn: Zarafa-Send-As

distinguishedName: CN=Zarafa-Send-As,<SchemaContainerDN>

instanceType: 4

isSingleValued: FALSE

lDAPDisplayName: zarafaSendAsPrivilege

name: Zarafa-Send-As

objectCategory: CN=Attribute-Schema,<SchemaContainerDN>

objectClass: top

objectClass: attributeSchema

oMSyntax: 127

schemaIDGUID:: xpDaV2kqTtOVsFJD/YqQuw== 

showInAdvancedViewOnly: TRUE

searchFlags: 0

It looks like samba does not like either oMSyntax: 127 (other syntaxes are fine) or attributeSyntax: 2.5.5.1 (other attributes are fine). I have tested this both on 4.0.0alpha12-GIT-f12756b and 4.0.0alpha14-GIT-929063b

Can someone confirm that this is to do with full AD schema issue or is this something else and whether there is any way round this.

I'm also attaching the original LDF file that comes with Zarafa. Please note that changetype has been changed to add and <SchemaContainerDN> to CN=Schema,CN=Configuration,DC=example,DC=com

Thanks,
 

Andris 

zarafa-ads.ldf (24K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Extending Samba4 schema

Adam Tauno Williams
On Sun, 2010-12-05 at 03:16 +0000, Andris Lismanis wrote:

> Hi,
> Following on from
> 'http://lists.samba.org/archive/samba-technical/2010-November/074786.html' thread, I have come across another problem. I have been playing with Samba4 and Zarafa integration. I have managed to extend most of attributes with exception of few. Samba4 ldb seems to crash when importing the following type of attribute:
> dn: CN=Zarafa-Send-As,<SchemaContainerDN>
> changetype: add
> adminDisplayName: Zarafa-Send-As
> attributeID: 1.3.6.1.4.1.26278.1.1.2.4
> attributeSyntax: 2.5.5.1
> cn: Zarafa-Send-As
> distinguishedName: CN=Zarafa-Send-As,<SchemaContainerDN>
> instanceType: 4
> isSingleValued: FALSE
> lDAPDisplayName: zarafaSendAsPrivilege
> name: Zarafa-Send-As
> objectCategory: CN=Attribute-Schema,<SchemaContainerDN>
> objectClass: top
> objectClass: attributeSchema
> oMSyntax: 127
> schemaIDGUID:: xpDaV2kqTtOVsFJD/YqQuw==
> showInAdvancedViewOnly: TRUE
> searchFlags: 0
> It looks like samba does not like either oMSyntax: 127 (other syntaxes
> are fine) or attributeSyntax: 2.5.5.1 (other attributes are fine). I
> have tested this both on 4.0.0alpha12-GIT-f12756b
> and 4.0.0alpha14-GIT-929063b
> Can someone confirm that this is to do with full AD schema issue or is
> this something else and whether there is any way round this.
> I'm also attaching the original LDF file that comes with Zarafa.
> Please note that changetype has been changed to add and
> <SchemaContainerDN> to CN=Schema,CN=Configuration,DC=example,DC=com

I believe there is some kind of issue regarding creating attributes with
the 2.5.5.1;  even if you can create them they don't appear to be
usable.  I was able to import a scheme definition for radiusProfileDn -

dn:
CN=Radius-Profile-DN,CN=Schema,CN=Configuration,DC=AD,DC=MORMAIL,DC=COM
objectClass: top
objectClass: attributeSchema
attributeID: 1.3.6.1.4.1.3317.4.3.1.49
schemaIdGuid:: 73QFH4g40KDiaTjSuh90WQ==
cn: Radius-Profile-DN
name: radiusProfileDn
lDAPDisplayName: radiusProfileDn
attributeSyntax: 2.5.5.1
oMSyntax: 127
isSingleValued: TRUE

but in the "Active Directory Schema" snap-ip the syntax for this
attribute appears as "Unknown".

In general, the more I play with it, LDB's schema handling / management
seems extremely fragile.

<http://lists.samba.org/archive/samba-technical/2010-November/074964.html>
<http://lists.samba.org/archive/samba-technical/2010-December/074974.html>


Reply | Threaded
Open this post in threaded view
|

Re: Extending Samba4 schema

Adam Tauno Williams
On Mon, 2010-12-06 at 10:07 -0500, Adam Tauno Williams wrote:

> On Sun, 2010-12-05 at 03:16 +0000, Andris Lismanis wrote:
> > Following on from
> > 'http://lists.samba.org/archive/samba-technical/2010-November/074786.html' thread, I have come across another problem. I have been playing with Samba4 and Zarafa integration. I have managed to extend most of attributes with exception of few. Samba4 ldb seems to crash when importing the following type of attribute:
> > dn: CN=Zarafa-Send-As,<SchemaContainerDN>
> > changetype: add
> > adminDisplayName: Zarafa-Send-As
> > attributeID: 1.3.6.1.4.1.26278.1.1.2.4
> > attributeSyntax: 2.5.5.1
> > cn: Zarafa-Send-As
> > distinguishedName: CN=Zarafa-Send-As,<SchemaContainerDN>
> > instanceType: 4
> > isSingleValued: FALSE
> > lDAPDisplayName: zarafaSendAsPrivilege
> > name: Zarafa-Send-As
> > objectCategory: CN=Attribute-Schema,<SchemaContainerDN>
> > objectClass: top
> > objectClass: attributeSchema
> > oMSyntax: 127
> > schemaIDGUID:: xpDaV2kqTtOVsFJD/YqQuw==
> > showInAdvancedViewOnly: TRUE
> > searchFlags: 0
> > It looks like samba does not like either oMSyntax: 127 (other syntaxes
> > are fine) or attributeSyntax: 2.5.5.1 (other attributes are fine). I
> > have tested this both on 4.0.0alpha12-GIT-f12756b
> > and 4.0.0alpha14-GIT-929063b
> > Can someone confirm that this is to do with full AD schema issue or is
> > this something else and whether there is any way round this.
> > I'm also attaching the original LDF file that comes with Zarafa.
> > Please note that changetype has been changed to add and
> > <SchemaContainerDN> to CN=Schema,CN=Configuration,DC=example,DC=com
> I believe there is some kind of issue regarding creating attributes with
> the 2.5.5.1;  even if you can create them they don't appear to be
> usable.  I was able to import a scheme definition for radiusProfileDn -
> dn:
> CN=Radius-Profile-DN,CN=Schema,CN=Configuration,DC=AD,DC=MORMAIL,DC=COM
> objectClass: top
> objectClass: attributeSchema
> attributeID: 1.3.6.1.4.1.3317.4.3.1.49
> schemaIdGuid:: 73QFH4g40KDiaTjSuh90WQ==
> cn: Radius-Profile-DN
> name: radiusProfileDn
> lDAPDisplayName: radiusProfileDn
> attributeSyntax: 2.5.5.1
> oMSyntax: 127
> isSingleValued: TRUE
> but in the "Active Directory Schema" snap-ip the syntax for this
> attribute appears as "Unknown".

And once loaded the samba.log file fills with a steady series of:

[Mon Dec  6 10:08:05 2010 EST,
0 ../dsdb/schema/schema_init.c:686:dsdb_attribute_from_ldb()]
../dsdb/schema/schema_init.c:686: Unknown schema syntax for
radiusProfileDn
[Mon Dec  6 10:08:05 2010 EST,
0 ../dsdb/schema/schema_init.c:829:dsdb_schema_from_ldb_results()]
../dsdb/schema/schema_init.c:829: schema_fsmo_init: failed to load
attribute definition:
CN=Radius-Profile-DN,CN=Schema,CN=Configuration,DC=ad,DC=mormail,DC=com:WERR_DS_ATT_SCHEMA_REQ_SYNTAX

4.0.0alpha14-GIT-03b078c

Reply | Threaded
Open this post in threaded view
|

Re: Extending Samba4 schema

Anatoliy Atanasov
In reply to this post by Andris Lismanis
Hi,

Can you try to add oMObjectClass: \x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a
after oMSyntax: 127
This is applicable to objects with attributeSyntax: 2.5.5.1
This should fix the error and the resolving of the syntax.

Regards, Anatoliy
----- Original Message -----
> From: "[hidden email]" <[hidden email]> on behalf of "Adam Tauno Williams" <[hidden email]>
> To: "[hidden email]" <[hidden email]>
> Cc:
> Sent: Monday, December 6, 2010 5:11:10 PM (GMT+02:00) Athens, Bucharest, Istanbul
> Subject: Re: Extending Samba4 schema

> > On Mon, 2010-12-06 at 10:07 -0500, Adam Tauno Williams wrote:
> > On Sun, 2010-12-05 at 03:16 +0000, Andris Lismanis wrote:
> > > Following on from
> > >
> 'http://lists.samba.org/archive/samba-technical/2010-November/074786.ht
> ml' thread, I have come across another problem. I have been playing
> with Samba4 and Zarafa integration. I have managed to extend most of
> attributes with exception of few. Samba4 ldb seems to crash when
> importing the following type of attribute:
> > > dn: CN=Zarafa-Send-As,<SchemaContainerDN>
> > > changetype: add
> > > adminDisplayName: Zarafa-Send-As
> > > attributeID: 1.3.6.1.4.1.26278.1.1.2.4
> > > attributeSyntax: 2.5.5.1
> > > cn: Zarafa-Send-As
> > > distinguishedName: CN=Zarafa-Send-As,<SchemaContainerDN>
> > > instanceType: 4
> > > isSingleValued: FALSE
> > > lDAPDisplayName: zarafaSendAsPrivilege
> > > name: Zarafa-Send-As
> > > objectCategory: CN=Attribute-Schema,<SchemaContainerDN>
> > > objectClass: top
> > > objectClass: attributeSchema
> > > oMSyntax: 127
> > > schemaIDGUID:: xpDaV2kqTtOVsFJD/YqQuw==
> > > showInAdvancedViewOnly: TRUE
> > > searchFlags: 0
> > > It looks like samba does not like either oMSyntax: 127 (other
> syntaxes
> > > are fine) or attributeSyntax: 2.5.5.1 (other attributes are fine).
> I
> > > have tested this both on 4.0.0alpha12-GIT-f12756b
> > > and 4.0.0alpha14-GIT-929063b
> > > Can someone confirm that this is to do with full AD schema issue
> or is
> > > this something else and whether there is any way round this.
> > > I'm also attaching the original LDF file that comes with Zarafa.
> > > Please note that changetype has been changed to add and
> > > <SchemaContainerDN> to CN=Schema,CN=Configuration,DC=example,
> DC=com
> > I believe there is some kind of issue regarding creating attributes
> with
> > the 2.5.5.1;  even if you can create them they don't appear to be
> > usable.  I was able to import a scheme definition for
> radiusProfileDn -
> > dn:
> > CN=Radius-Profile-DN,CN=Schema,CN=Configuration,DC=AD,DC=MORMAIL,
> DC=COM
> > objectClass: top
> > objectClass: attributeSchema
> > attributeID: 1.3.6.1.4.1.3317.4.3.1.49
> > schemaIdGuid:: 73QFH4g40KDiaTjSuh90WQ==
> > cn: Radius-Profile-DN
> > name: radiusProfileDn
> > lDAPDisplayName: radiusProfileDn
> > attributeSyntax: 2.5.5.1
> > oMSyntax: 127
> > isSingleValued: TRUE
> > but in the "Active Directory Schema" snap-ip the syntax for this
> > attribute appears as "Unknown".
>
> And once loaded the samba.log file fills with a steady series of:
>
> [Mon Dec  6 10:08:05 2010 EST,
> 0 ../dsdb/schema/schema_init.c:686:dsdb_attribute_from_ldb()]
> ../dsdb/schema/schema_init.c:686: Unknown schema syntax for
> radiusProfileDn
> [Mon Dec  6 10:08:05 2010 EST,
> 0 ../dsdb/schema/schema_init.c:829:dsdb_schema_from_ldb_results()]
> ../dsdb/schema/schema_init.c:829: schema_fsmo_init: failed to load
> attribute definition:
> CN=Radius-Profile-DN,CN=Schema,CN=Configuration,DC=ad,DC=mormail,
> DC=com:WERR_DS_ATT_SCHEMA_REQ_SYNTAX
>
> 4.0.0alpha14-GIT-03b078c
Reply | Threaded
Open this post in threaded view
|

Re: Extending Samba4 schema

Adam Tauno Williams
On Mon, 2010-12-06 at 17:29 +0200, Anatoliy Atanasov wrote:
> Hi,
> Can you try to add oMObjectClass: \x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a
> after oMSyntax: 127
> This is applicable to objects with attributeSyntax: 2.5.5.1
> This should fix the error and the resolving of the syntax.

With -

dn:
CN=Radius-Profile-DN,CN=Schema,CN=Configuration,DC=AD,DC=MORMAIL,DC=COM
objectClass: top
objectClass: attributeSchema
attributeID: 1.3.6.1.4.1.3317.4.3.1.49
schemaIdGuid:: 73QFH4g40KDiaTjSuh90WQ==
cn: Radius-Profile-DN
name: radiusProfileDn
lDAPDisplayName: radiusProfileDn
attributeSyntax: 2.5.5.1
oMSyntax: 127
oMObjectClass: \x2b\x0c\x02\x87\x73\x1c\x00\x85\x4a
isSingleValued: TRUE

- the exact same condition occurs (after reprovisioning the domain and
adding the new schema via ldbmodify).  Including the same error in the
"samba.log" file.

4.0.0alpha14-GIT-03b078c

> Regards, Anatoliy
> ----- Original Message -----
> > From: "[hidden email]" <[hidden email]> on behalf of "Adam Tauno Williams" <[hidden email]>
> > To: "[hidden email]" <[hidden email]>
> > Cc:
> > Sent: Monday, December 6, 2010 5:11:10 PM (GMT+02:00) Athens, Bucharest, Istanbul
> > Subject: Re: Extending Samba4 schema
> > > On Mon, 2010-12-06 at 10:07 -0500, Adam Tauno Williams wrote:
> > > On Sun, 2010-12-05 at 03:16 +0000, Andris Lismanis wrote:
> > > > Following on from
> > 'http://lists.samba.org/archive/samba-technical/2010-November/074786.ht
> > ml' thread, I have come across another problem. I have been playing
> > with Samba4 and Zarafa integration. I have managed to extend most of
> > attributes with exception of few. Samba4 ldb seems to crash when
> > importing the following type of attribute:
> > > > dn: CN=Zarafa-Send-As,<SchemaContainerDN>
> > > > changetype: add
> > > > adminDisplayName: Zarafa-Send-As
> > > > attributeID: 1.3.6.1.4.1.26278.1.1.2.4
> > > > attributeSyntax: 2.5.5.1
> > > > cn: Zarafa-Send-As
> > > > distinguishedName: CN=Zarafa-Send-As,<SchemaContainerDN>
> > > > instanceType: 4
> > > > isSingleValued: FALSE
> > > > lDAPDisplayName: zarafaSendAsPrivilege
> > > > name: Zarafa-Send-As
> > > > objectCategory: CN=Attribute-Schema,<SchemaContainerDN>
> > > > objectClass: top
> > > > objectClass: attributeSchema
> > > > oMSyntax: 127
> > > > schemaIDGUID:: xpDaV2kqTtOVsFJD/YqQuw==
> > > > showInAdvancedViewOnly: TRUE
> > > > searchFlags: 0
> > > > It looks like samba does not like either oMSyntax: 127 (other
> > syntaxes
> > > > are fine) or attributeSyntax: 2.5.5.1 (other attributes are fine).
> > I
> > > > have tested this both on 4.0.0alpha12-GIT-f12756b
> > > > and 4.0.0alpha14-GIT-929063b
> > > > Can someone confirm that this is to do with full AD schema issue
> > or is
> > > > this something else and whether there is any way round this.
> > > > I'm also attaching the original LDF file that comes with Zarafa.
> > > > Please note that changetype has been changed to add and
> > > > <SchemaContainerDN> to CN=Schema,CN=Configuration,DC=example,
> > DC=com
> > > I believe there is some kind of issue regarding creating attributes
> > with
> > > the 2.5.5.1;  even if you can create them they don't appear to be
> > > usable.  I was able to import a scheme definition for
> > radiusProfileDn -
> > > dn:
> > > CN=Radius-Profile-DN,CN=Schema,CN=Configuration,DC=AD,DC=MORMAIL,
> > DC=COM
> > > objectClass: top
> > > objectClass: attributeSchema
> > > attributeID: 1.3.6.1.4.1.3317.4.3.1.49
> > > schemaIdGuid:: 73QFH4g40KDiaTjSuh90WQ==
> > > cn: Radius-Profile-DN
> > > name: radiusProfileDn
> > > lDAPDisplayName: radiusProfileDn
> > > attributeSyntax: 2.5.5.1
> > > oMSyntax: 127
> > > isSingleValued: TRUE
> > > but in the "Active Directory Schema" snap-ip the syntax for this
> > > attribute appears as "Unknown".
> >
> > And once loaded the samba.log file fills with a steady series of:
> >
> > [Mon Dec  6 10:08:05 2010 EST,
> > 0 ../dsdb/schema/schema_init.c:686:dsdb_attribute_from_ldb()]
> > ../dsdb/schema/schema_init.c:686: Unknown schema syntax for
> > radiusProfileDn
> > [Mon Dec  6 10:08:05 2010 EST,
> > 0 ../dsdb/schema/schema_init.c:829:dsdb_schema_from_ldb_results()]
> > ../dsdb/schema/schema_init.c:829: schema_fsmo_init: failed to load
> > attribute definition:
> > CN=Radius-Profile-DN,CN=Schema,CN=Configuration,DC=ad,DC=mormail,
> > DC=com:WERR_DS_ATT_SCHEMA_REQ_SYNTAX
> >
> > 4.0.0alpha14-GIT-03b078c


Reply | Threaded
Open this post in threaded view
|

Re: Extending Samba4 schema

Angelos Oikonomopoulos
In reply to this post by Adam Tauno Williams
On 12/06/2010 04:07 PM, Adam Tauno Williams wrote:

> On Sun, 2010-12-05 at 03:16 +0000, Andris Lismanis wrote:
>> Hi,
>> Following on from
>> 'http://lists.samba.org/archive/samba-technical/2010-November/074786.html' thread, I have come across another problem. I have been playing with Samba4 and Zarafa integration. I have managed to extend most of attributes with exception of few. Samba4 ldb seems to crash when importing the following type of attribute:
>> dn: CN=Zarafa-Send-As,<SchemaContainerDN>
>> changetype: add
>> adminDisplayName: Zarafa-Send-As
>> attributeID: 1.3.6.1.4.1.26278.1.1.2.4
>> attributeSyntax: 2.5.5.1
>> cn: Zarafa-Send-As
>> distinguishedName: CN=Zarafa-Send-As,<SchemaContainerDN>
>> instanceType: 4
>> isSingleValued: FALSE
>> lDAPDisplayName: zarafaSendAsPrivilege
>> name: Zarafa-Send-As
>> objectCategory: CN=Attribute-Schema,<SchemaContainerDN>
>> objectClass: top
>> objectClass: attributeSchema
>> oMSyntax: 127
>> schemaIDGUID:: xpDaV2kqTtOVsFJD/YqQuw==
>> showInAdvancedViewOnly: TRUE
>> searchFlags: 0
>> It looks like samba does not like either oMSyntax: 127 (other syntaxes
>> are fine) or attributeSyntax: 2.5.5.1 (other attributes are fine). I
>> have tested this both on 4.0.0alpha12-GIT-f12756b
>> and 4.0.0alpha14-GIT-929063b
>> Can someone confirm that this is to do with full AD schema issue or is
>> this something else and whether there is any way round this.
>> I'm also attaching the original LDF file that comes with Zarafa.
>> Please note that changetype has been changed to add and
>> <SchemaContainerDN>  to CN=Schema,CN=Configuration,DC=example,DC=com
>
> I believe there is some kind of issue regarding creating attributes with
> the 2.5.5.1;  even if you can create them they don't appear to be
> usable.  I was able to import a scheme definition for radiusProfileDn -
>
> dn:
> CN=Radius-Profile-DN,CN=Schema,CN=Configuration,DC=AD,DC=MORMAIL,DC=COM
> objectClass: top
> objectClass: attributeSchema
> attributeID: 1.3.6.1.4.1.3317.4.3.1.49
> schemaIdGuid:: 73QFH4g40KDiaTjSuh90WQ==
> cn: Radius-Profile-DN
> name: radiusProfileDn
> lDAPDisplayName: radiusProfileDn
> attributeSyntax: 2.5.5.1
> oMSyntax: 127
> isSingleValued: TRUE
>
> but in the "Active Directory Schema" snap-ip the syntax for this
> attribute appears as "Unknown".
>
> In general, the more I play with it, LDB's schema handling / management
> seems extremely fragile.
>
> <http://lists.samba.org/archive/samba-technical/2010-November/074964.html>
> <http://lists.samba.org/archive/samba-technical/2010-December/074974.html>

Yah, this is making me have second thoughts about even /trying/ to
extend the s4 schema. I'm not sure if undoing any changes is going to
affect the AD functionality or if my changes will interfere with
upgradeprovision. Also, the text at
http://wiki.samba.org/index.php/Samba4/LDAP_Backend#Schema_issues speaks
of conflicts between the AD schema and the typical LDAP schema :/ Are
there any plans of adding triggers and stored procedures (hey, python is
a already a dependency) to s4? It could be that support exists and I've
been unable to find it of course, I'm still feeling my way around the
source.

Currently my impression is that the best bet would be setting up a proxy
LDAP server for keeping the additional information, so that I can be
sure that the AD functionality won't be affected. If someone here has
any better suggestions I'd be glad to hear them!

Thanks,
Aggelos
Reply | Threaded
Open this post in threaded view
|

Re: Extending Samba4 schema

Angelos Oikonomopoulos
On 12/07/2010 11:23 AM, Angelos Oikonomopoulos wrote:
[...]
>  Are
> there any plans of adding triggers and stored procedures (hey, python is
> a already a dependency) to s4? It could be that support exists and I've
> been unable to find it of course, I'm still feeling my way around the
> source.

Looks like source4/dsdb/samdb/ldb_modules is just the thing for that.
I'm not sure if the code's even /used/ ATM of course, let alone if
adding python bindings at this level is sane. Do any of the developers
have any opinion on this?

Thanks,
Aggelos
Reply | Threaded
Open this post in threaded view
|

Re: Extending Samba4 schema

Adam Tauno Williams
In reply to this post by Angelos Oikonomopoulos
On Tue, 2010-12-07 at 11:23 +0100, Angelos Oikonomopoulos wrote:

> On 12/06/2010 04:07 PM, Adam Tauno Williams wrote:
> > On Sun, 2010-12-05 at 03:16 +0000, Andris Lismanis wrote:
> > but in the "Active Directory Schema" snap-ip the syntax for this
> > attribute appears as "Unknown".
> > In general, the more I play with it, LDB's schema handling / management
> > seems extremely fragile.
> > <http://lists.samba.org/archive/samba-technical/2010-November/074964.html>
> > <http://lists.samba.org/archive/samba-technical/2010-December/074974.html>
> Yah, this is making me have second thoughts about even /trying/ to
> extend the s4 schema. I'm not sure if undoing any changes is going to
> affect the AD functionality or if my changes will interfere with
> upgradeprovision. A

Ditto.

> lso, the text at
> http://wiki.samba.org/index.php/Samba4/LDAP_Backend#Schema_issues speaks
> of conflicts between the AD schema and the typical LDAP schema :/

That doesn't worry me so much, I can always modify the applications to
use a more AD friendly schema.  But loosing the AD is a scary thought.

> Currently my impression is that the best bet would be setting up a proxy
> LDAP server for keeping the additional information, so that I can be
> sure that the AD functionality won't be affected. If someone here has
> any better suggestions I'd be glad to hear them!

Same here.  Having a [secondary] external DSA sounds like an extra-heap
of complexity;  but S4 seems to be a pretty flaky LDAP server.

Reply | Threaded
Open this post in threaded view
|

Re: Extending Samba4 schema

Angelos Oikonomopoulos
On 12/07/2010 04:52 PM, Adam Tauno Williams wrote:
[...]
> Same here.  Having a [secondary] external DSA sounds like an extra-heap
> of complexity;  but S4 seems to be a pretty flaky LDAP server.

To be fair, doing a feature-complete LDAP server on the side is not
necessarily the best use of the team's time. What I'd like for now is a
bit less uncertainty. As mentioned before, it is not clear to the users
whether that's even part of the plan for any of the current developers,
let alone what stage it's at. It could be that we're just hitting the
last remaining bugs in the LDAP implementation. Then again, for all we
know there are even more serious issues lurking ahead.

In any case, it would save us all some time if that were made clear :)

Aggelos