On Sat, 26 Jul 2003, Falko Pilz wrote:
> On Sat, 26 Jul 2003 16:14:19 +0200 (SAST)
> Buchan Milne <[EMAIL PROTECTED]> wrote:
>
> > I had one running without problems, but I reverted the schema change
> > to test samba3 with samba2 schema, so it's running the 2.2.x schema
> > again. We need to take a decision on how to handle the schema. I think
> > for 9.2 we should include both samba2 and samba3 schemas in the
> > samba.schema file. I will try and do this for the next openldap
> > package.
>
> Is there any roadmap for this package ? There is no shema in the
> samba3 rpm's isn't it?
No, you will have to fish them out of the samba3 package for now ..
There is no official roadmap that I know of, I am just trying to fix the
issues that affect samba/samba3 and that we may bump into on our own
server ...
> How do you think about a samba3-ldap*.rpm or a
> samba3-passwd-ldap*.rpm?
There may be no need, depending on some issues with the build process. You
will notice we have samba3-passdb-{xml,mysql}, they can be built as shared
modules, I have not succeeded in building the ldap passdb plugin shared,
until I do, samba3-server will ship with built-in ldap support. And if the
samba team makes it, it will be samba-server-3.0.0, not samba3-server.
>
> >
> > BTW, feedback on samba3 also welcome. And if you haven't seen it yet,
> > you may want to look at these articles, even though they were for
> > samba-2.2.x:
>
> Sorry the articles were lost.
Yes, I realised after I sent I handn't added the links, but
mandrakesecure.net is apparently having some trouble (it will be solved
soon apparently) and was inaccessible.
> The 3 at mdk-secure about LDAP and Samba
> I'm still using for building my server.
Yes, those are the 3, although some adjustments have to be made for samba3
and openldap-2.1.x.
>
> BTW: should samba3 rpm's still be rebuild for LDAP support?
No, since samba3 supports run-time passdb configuration (whereas in samba2
it is compile-time-only), this is not necessary, we have ldap support
out-the-box. Rebuilding with --with-ldap will (AFAIK) enforce the samba2
schema (ie similar functionality to the 2.2.x packages), but it should not
even be necessary, since you can just use passdb backend = ldapsam_compat
> The server was cleaned from all devel, make and gcc packages.
> I should rebuild on another server, thats why I ask.
Well, if you're running a stable release, you can always grab packages
from http://ranger.dnsalias.com/mandrake/, I have been meaning to get
packages up to ftp.samba.org, but have been too busy ...
>
> > Oh, and the migration scripts in openldap-migration package still need
> > some work (patches welcome) for schema compliance.
>
> You're right the error wasn't the kerberos schema, it was the
> migrate_passwd.pl.
> Where could I send patches? You or padl.com?
To me first ... unless I beat you to it ;-)
>
> > >
> > > I used the Shemes from 9.1 at /usr/share/openldap/schema (seems
> > > to be out off 2.0.x) with the 2.1.22 there where a lot off
> > > violations. After chnages slapd.conf to /etc/openldap/schema
> > > only the kerberos und DNS schemas still not work.
> >
> > Hmm, my kerberos and dns-related objectclasses went into my
> > 2.1.22-2mdk server on 9.1 with only the schema files in the package,
> > with schema checking enabled.
>
> schema checking, how to start, sorry I'm still a newbee at LDAP.
>
I have started a script to do some schema checks, but the best way seems
to be to have a server running with schema check on, and try and import
from LDIF, that is if you have spare servers.
I am planning to have checks to run on a server that has schema
checking off, but I am having a bit of trouble getting all the
objectclasses using perl-ldap, so haven't progressed very far. Main ideas
are to check each entry has one and only one structural class, that all
objectclasses and attributes exist etc (assuming the schema itself is
correct).
Regards,
Buchan
--
|----------------Registered Linux User #182071-----------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering http://www.cae.co.za
GPG Key http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
******************************************************************
Please click on http://www.cae.co.za/disclaimer.htm to read our
e-mail disclaimer or send an e-mail to [EMAIL PROTECTED] for a copy.
******************************************************************
