Andrew Bartlett wrote:
I've been working to allow Fedora DS to backend Samba4, much as
OpenLDAP
can. This, I hope, will bring us the benefits of a replicated backend
between Samba4 servers.
To set this up, I've placed some notes in setup/fedora-ds-init.ldif and
extended the provision script. The provision now succeeds, and Win2k3
can join and log into the Samba4/FDS domain.
Excellent!
The next step is to test the Fedora DS backend in our 'make
test'
script. For that, I'll need some help. I need to automatically
configure and start fedora DS, from within the test scripts. I
understand some testing scripts to do this exist...
Basically, you create a .inf file, and pass this file to
bin/slapd/admin/bin/ds_create or ds_newinst.pl - see
http://directory.fedora.redhat.com/wiki/Install_Guide#Creating_an_instanc...
To integrate such scripts with Samba4, I need a few things:
Ideally it would bind to an ldapi:// socket (this is redhat bug 219573:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219573 ), but for
now a high port would do.
Likewise, it would be ideal if fedora DS could terminate with the
process group, so we don't risk leaving ldap servers around after a
failed test.
You can start the server with the "-d 0" argument - this causes the
server to not detach from the controlling terminal.
Finally, I need USN support in Fedora DS, or something very much
like
the contextCSN attribute in OpenLDAP. (With a way to obtain a highest
value, preferably also a way to get a 'new' value too).
Do you need this to work even if the server does not participate in
replication? CSNs are only generated if the server is configured to
participate in replication.
Later, we need to figure out how ACLs should behave for all our
backends.
Andrew Bartlett
------------------------------------------------------------------------
--
Fedora-directory-devel mailing list
Fedora-directory-devel(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-devel