[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: memberOf hidden?

Pierangelo Masarati wrote:
Andrew Bartlett wrote:
Samba4's clients are written expecting AD's behaviour, and while I might
hope that they would explicitly request the attributes they need, if I
can make such mistakes in my test scripts, so can they...

The addition of this feature is (almost) trivial. So the decision should be based on: - should this "feature" be exposed to all users, or - should it be exposed only to users using samba4 as proxy?

I think the latter. See, my main scope as a consultant is directory integration/consolidation. So my recommendation is that everything should be avoided which turns an OpenLDAP directory into a special Samba4 LDAP backend which is not usable with other LDAPv3 compliant software anymore.

How about such an overlay specially treating * based on <who> like defined in ACLs? Or maybe one should recommend in a deployment note to use this overlay with back-ldap?

Ciao, Michael.