I've been thinking about the problem of allocating RIDs in LDAP.
We need a race-proof scheme to allocate RIDs, and I would prefer not to
need to use a local TDB - I would like it all 'in ldap', if at all
possible.
While the real solution is an LDAP server that imposes restrictions on
attributes
Andrew Bartlett wrote:
I've been thinking about the problem of allocating RIDs in LDAP.
We need a race-proof scheme to allocate RIDs, and I would prefer not to
need to use a local TDB - I would like it all 'in ldap', if at all
possible.
yes, and is better because several PDC may share the
Ignacio Coupeau wrote:
Andrew Bartlett wrote:
I've been thinking about the problem of allocating RIDs in LDAP.
We need a race-proof scheme to allocate RIDs, and I would prefer not to
need to use a local TDB - I would like it all 'in ldap', if at all
possible.
yes, and is better
On Sat, 12 Oct 2002, Andrew Bartlett wrote:
We need a race-proof scheme to allocate RIDs, and I would prefer not to
need to use a local TDB - I would like it all 'in ldap', if at all
possible.
See the uidPool objectclass in samba.schema. You would do it like
this
do {
get the curent
On Sat, 12 Oct 2002, Andrew Bartlett wrote:
OK, that make much more sense. But what to do in between the delete and
the add? Spin, and hope the entry 'comes back'?
It should local the entry, test for the presence of the old
value/attribute before any delete, remove it, and add the new one.
On Sat, Oct 12, 2002 at 07:17:10PM +1000, Andrew Bartlett wrote:
I've been thinking about the problem of allocating RIDs in LDAP.
Look at google for 'ldap atomic increment'. The second article gives some hints
on how an atomic increment might be implemented in LDAP. I have not programmed
LDAP
Our implementation updates the nextRid attribute in the
domain entry (eg. dc=windows,dc=samba,dc=org) whenever a
RID needs to be allocated. Removing the old value and
adding the new one is used to guarantee atomicity.
It is interesting to note that the distributed RID
allocation scheme used in
[EMAIL PROTECTED] wrote:
On Sat, Oct 12, 2002 at 07:17:10PM +1000, Andrew Bartlett wrote:
I've been thinking about the problem of allocating RIDs in LDAP.
Look at google for 'ldap atomic increment'. The second article gives some hints
on how an atomic increment might be implemented in