Michael Ströder wrote:
Dieter Klünter wrote:
Am Wed, 10 Dec 2014 00:01:11 +0100
schrieb Michael Ströder <[email protected]>:
Dieter Klünter wrote:
Am Tue, 09 Dec 2014 18:46:55 +0100
schrieb Michael Ströder <[email protected]>:
Another packaging decision:
Is building with -DLDAP_CONNECTIONLESS of any real use?
Is there any harm using it?
There should be no harm to compile. Early Samba4 used udp for
transport.
I thought Samba4 has its own LDAP client and server implementation.
As I mentioned 'early Samba4', and development leading to 4.
Are you sure Samba4 uses connection-less LDAP implementation of
OpenLDAP's libldap?
They are, for the time being, not using libldap.
=> dropped -DLDAP_CONNECTIONLESS
BTW: Experience shows that the code of rarely needed or unused features most
times get not much attention. Thus it's also a security measure not to add it.
As I noted at the beginning of this year,
http://symas.com/docs/2014FOSDEM-WhatsNewInOpenLDAP.pdf there has been a
renewed effort to build Samba4/AD compatibility inside OpenLDAP. This
LDAP_CONNECTIONLESS feature was originally written for PADL's XAD, an AD
clone built on top of OpenLDAP, and it is being reused for the same
purpose (AD compatibility) again now.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
