git.samba.org - sfrench/samba-autobuild/.git/commit

author	Andrew Bartlett <abartlet@samba.org>
	Mon, 28 Apr 2003 10:20:55 +0000 (10:20 +0000)
committer	Andrew Bartlett <abartlet@samba.org>
	Mon, 28 Apr 2003 10:20:55 +0000 (10:20 +0000)
commit	49530d0db5a509951c66b73aaf2aa101caf6117b
tree	d5994c69acc6e3d4210d237f10bd3628bf3888fd	tree
parent	4121d1611da65e13e0285a8714f21d6d6be2d4d7	commit \| diff

A new pdb_ldap!

This patch removes 'non unix account range' (same as idra's change in HEAD),
and uses the winbind uid range instead.

More importanly, this patch changes the LDAP schema to use 'ntSid' instead
of 'rid' as the primary attribute.  This makes it in common with the group
mapping code, and should allow it to be used closely with a future idmap_ldap.

Existing installations can use the existing functionality by using the
ldapsam_compat backend, and users who compile with --with-ldapsam will get
this by default.

More importantly, this patch adds a 'sambaDomain' object to our schema -
which contains 2 'next rid' attributes, the domain name and the domain sid.
Yes, there are *2* next rid attributes.  The problem is that we don't 'own'
the entire RID space - we can only allocate RIDs that could be 'algorithmic'
RIDs.  Therefore, we use the fact that UIDs in 'winbind uid' range will be
mapped by IDMAP, not the algorithm.

Andrew Bartlett
(This used to be commit 3e07406ade81e136f67439d4f8fd7fe1dbb6db14)

examples/LDAP/samba.schema		diff \| blob \| history
source3/param/loadparm.c		diff \| blob \| history
source3/passdb/pdb_ldap.c		diff \| blob \| history
source3/passdb/pdb_smbpasswd.c		diff \| blob \| history
source3/passdb/pdb_tdb.c		diff \| blob \| history