Re: commit: ldap/build openldap.m4
by Gavin Henry
hyc(a)OpenLDAP.org wrote:
> Update of /repo/OpenLDAP/pkg/ldap/build
>
> Modified Files:
> Tag: OPENLDAP_REL_ENG_2_3
> openldap.m4 1.140.2.13 -> 1.140.2.14
>
> Log Message:
> Reject BDB 4.6 or newer
>
Much easier than telling folks they can use the early version of 4.6 I
think.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry(a)suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
15 years, 5 months
Re: commit: ldap/servers/slapd filter.c
by Howard Chu
ando(a)OpenLDAP.org wrote:
> Update of /repo/OpenLDAP/pkg/ldap/servers/slapd
>
> Modified Files:
> filter.c 1.142 -> 1.143
>
> Log Message:
> for consistency, always represent UUIDs correctly (ITS#5168; really, a de-normalize hook would help)
I guess we need a syntax flag that says "denormalization needed" and perhaps a
usage flag for the normalizer that says "denormalize a normalized value"
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
15 years, 5 months
syncprov_playlog() and sl_mutex
by Pierangelo Masarati
There seems to be no (longer?) reason for syncprov_playlog() to release
the sl_mutex from inside. I'd prefer, for readability, to lock/unlock
either inside or outside the function call. Fixing (unless there's
objection...)
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati(a)sys-net.it
---------------------------------------
15 years, 5 months
Basic examples of new overlays worthwhile ?
by Buchan Milne
Someone on #ldap was having trouble with slapo-memberof, so I did a quick
basic example to confirm it works, available at http://pastebin.ca/724050
So, I wonder if it is worthwhile having some examples like this in the
documentation or not ?
Or, would it be better to ship a test for the overlay, and provide a more
complete example of a rfc2307bis-type setup ?
Alternatively, is there a to-do list for the outstanding documentation work ?
Regards,
Buchan
15 years, 5 months
Patch for memberOf overlay section from Buchan Milne (Was: Re: commit: openldap-guide/admin overlays.sdf)
by Pierangelo Masarati
ghenry(a)OpenLDAP.org wrote:
> Update of /repo/OpenLDAP/pkg/openldap-guide/admin
>
> Modified Files:
> overlays.sdf 1.11 -> 1.12
>
> Log Message:
> Patch for memberOf overlay section from Buchan Milne.
Few comments (I'd fix it myself, but I'm not native English and I don't
have sdf installed, so you'd probably do a much better job):
The last sentence
> Note that the {{B:memberOf}} attribute is an operational attribute,
so > it must be requested explicitly.
should be completed by adding (for dummies :)
> Note that the {{B:memberOf}} attribute is an operational attribute,
so > it must be requested explicitly in search requests.
Moreover, I made "memberOf" operational by hacking the original
definition, in order to be able to add it to arbitrary entries without
the need to add the "extensibleObject" objectClass, or to create a
specific "memberOfGroup" auxiliary obhjectClass that allows "memberOf"
and add it to all entries where the attribute is added. This has to be
fixed somehow. Either we define our own "member-of" attribute and make
it operational, or we define a "memberOfGroup" auxiliary objectClass as
described above, or whatever.
Finally, I'd mention that if the overlay is added to an existing
database, data is not sanitized by populating all entries according to
their group membership. This is on the TODO list. There might be other
minor sanity checks missing that I'm not aware of.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati(a)sys-net.it
---------------------------------------
15 years, 5 months
si_presentlist could use a single malloc instead of two :)
by Pierangelo Masarati
Bervals stored in si_presentlist could use a single malloc instead of
two if the berval and the payload are malloc'ed in one shot. This would
be allowed by the very well confined use that is made of those data.
Any objection?
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati(a)sys-net.it
---------------------------------------
15 years, 5 months
[Fwd: LDAP/Samba 4 summary]
by Howard Chu
Yesterday afternoon at the CIFS Workshop we had a meeting to discuss Samba 4's use
of LDAP going forward, and what obstacles remained. Among the attendees that I can
remember were Andrew Bartlett, Andrew Tridgell, Simo Sorce, Stefan Metzmacher, and
(one more, I've forgotten the name) from the Samba team. Nicole Jacque and another
(sorry, don't remember the name) from Apple/OpenDirectory, Pete Rowley from
FedoraDS, and myself and Marty Heyman for OpenLDAP and Symas.
The upshot is that both the Samba and the LDAP sides have work to do, but there
are no major roadblocks. LDAP will be Samba 4's default/recommended data store. As
for OpenLDAP, most of what Samba 4 needs is either already implemented, or in
progress.
Schema design tends to still be a stumbling block; in a separate conversation we
discussed some design issues in MIT's new Kerberos schema as well as missing
features in Heimdal's existing Kerberos schema. That's a bit outside this
openldap-devel scope but I've committed to working with the Samba and Kerberos
communities to draft some changes to unify these two Kerberos schemas.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
15 years, 5 months
