Sorry for the cross posting but I think it's important that the Openexchange guys see this.
Tony Earnshaw wrote: > man, 23.05.2005 kl. 17.50 skrev Caleb O'Connell: > >> Is there a change however you can just choose a different datastore >> in the config file though? so you can choose to use the built in >> ldap or to just use an openLDAP datastore. The ldap scheme I >> imagine would >> stay the same, just the database itself and the ldap program itself >> ldb samba4 is going to be using. I was just curious for obvious >> reasons. > > There won't be a schema any more. During the weekend I googled for > Samba4 docs and subscribed to the tecchie list. What came up was > enough to ensure that I'll keep my mouth shut about Samba4 and LDAP > until they're there. > UH OH. > There will basically probably be a complete LDAP and total database > rethink (keyword is "ldb"). Unless people are *very* familiar with > OpenLDAP's (2.2 and 2.3) meta backend and proxy concepts, unless the > Samba crew is willing to do it all for one, one'd better forget > everything one ever learned about integrating Samba and any present > OpenLDAP DSE. This leaves me very worried as a sysadmin for a small company. I will explain why further down. > So either go out digging for docs to find out what is going to > overwhelm you, or lie back and be prepared to let it do so ;) > I've dug for docs. I found Tridges recent thoughts on Samba4 on the personal section for him on the samba site a couple of weeks ago. To people of the lay class, such as myself, it doesn't explain much about whether there is going to be some sort of ldap schema translation. It's all as abartlett says in recent posts "I hope" "I think" "maybe", which is very worrying. I've read 2/3 Linux journals where JRA has said, IIRC, that one of the key reasons companies don't adopt samba is due to the corporate reliance on MS Exchange. So for years I have been searching for something that will replace it. The 2 projects that come close to completely replacing MS Exchange are opengroupware.org and openexchange. Both of these projects have a reliance on their own LDAP schemas and POSIX account attributes. I personally chose to use openexchange due to the storage of personal & public addressbooks in LDAP. (which naturally allows plenty of other applications to use them, rather than as OGO does putting them in a "proper" db backend, and yes I know that a very competent sysadmin can expose that db through LDAP. After having read Adam Tuano Williams docs on it, I don't want to go there). Now I have hacked the smbldap tools to allow me to vampire over an old windows NT domain with all of the users having openexchange attributes added to them in ldap automatically. I did this last night and basically the implementation looks fine. So in a week I will start to migrate email accounts over and smarthost the system for the old exchange server and users still on that. But, I will only go ahead if there is going to be a way to keep the integration between these 2 projects going. So please can those on this list tell me with any great detail what will happen with Samba4 and LDAP schemas? Either I jettison this implementation and switch to MS 2003 with Exchange, or other projects find a way to integrate with what the Samba team is doing, or the Samba team finds a way to maintain some sort of compatibility with other FOSS projects using openldap. The only reason I ask is that I would still like to have a job in a year or 2. I don't want to go down the samba / openexchange road. And then get sacked / told to move everything back to Microsoft products by my bosses, because the integrated solution that was a very close fit to a windows domain with MS Exchange, doesn't work anymore. Regards Geoff Scott FWIW. Please find below what a typical user ends up with in LDAP for their user account and private address book: dn: uid=gfhoffice,ou=Users,ou=OxObjects,dc=guestsfurniturehire,dc=com,dc=au objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: OXUserObject objectClass: person objectClass: sambaSamAccount cn: gfhoffice sn: gfhoffice uid: gfhoffice uidNumber: 2041 gidNumber: 513 homeDirectory: /home/gfhoffice loginShell: /bin/bash gecos: System User userPassword:: e2NyeXB0fXg= structuralObjectClass: inetOrgPerson entryUUID: 528ef8f0-5fa7-1029-95d2-aae0cf82c0df creatorsName: cn=Manager,ou=Users,ou=OxObjects,dc=guestsfurniturehire,dc=com,d c=au createTimestamp: 20050523072336Z OpenLDAPaci: 1#entry#grant;r,w,s,c;cn,initials,mail,title,ou,l,birthday,description,stree t,postalcode,st,c,oxtimezone,homephone,mobile,pager,facsimiletelephonenumber ,telephonenumber,labeleduri,jpegphoto,loginDestination,sn,givenname,;r,s,c;[ all]#self# givenName: gfhoffice shadowMin: 0 shadowMax: 9999 shadowWarning: 7 shadowExpire: 0 mail: [EMAIL PROTECTED] mailDomain: guest----shire.com preferredLanguage: EN OXAppointmentDays: 9 OXGroupID: 500 OXTaskDays: 9 OXTimeZone: Australia/Sydney o: Guests Furniture Hire userCountry: Australia mailEnabled: OK lnetMailAccess: TRUE sambaSID: S-1-5-21-snip2-1363 sambaPrimaryGroupSID: S-1-5-21-snip-513 displayName: GFHoffice description: Head Office - disabled sambaLMPassword: snip sambaNTPassword: snip sambaPwdLastSet: 1116833017 sambaAcctFlags: [DU ] entryCSN: 20050523072337Z#000001#00#000000 modifiersName: cn=Manager,ou=Users,ou=OxObjects,dc=guestsfurniturehire,dc=com,dc=au modifyTimestamp: 20050523072337Z dn: ou=addr,uid=gfhoffice,ou=Users,ou=OxObjects,dc=guestsfurniturehire,dc=com,dc =au objectClass: top objectClass: organizationalUnit ou: addr structuralObjectClass: organizationalUnit entryUUID: 52950c22-5fa7-1029-95d3-aae0cf82c0df creatorsName: cn=Manager,ou=Users,ou=OxObjects,dc=guestsfurniturehire,dc=com,d c=au createTimestamp: 20050523072336Z entryCSN: 20050523072336Z#00000b#00#000000 modifiersName: cn=Manager,ou=Users,ou=OxObjects,dc=guestsfurniturehire,dc=com, dc=au modifyTimestamp: 20050523072336Z -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
