mirror of
https://github.com/samba-team/samba.git
synced 2024-12-25 23:21:54 +03:00
Avoid the use of extensibleObject in ldap mapping backend.
Instead of extensibleObject, we use the new (more correct) ad2oLschema tool, and a new objectClass called 'samba4Top', which we add and remove in the same way we did extensibleObject. Andrew Bartlett
This commit is contained in:
Andrew Bartlett
parent
cecd04ce1f
commit
5ab20aa8b4
@ -676,7 +676,7 @@ static int entryuuid_init(struct ldb_module *module)
|
|||||||
struct map_private *map_private;
|
struct map_private *map_private;
|
||||||
struct entryuuid_private *entryuuid_private;
|
struct entryuuid_private *entryuuid_private;
|
||||||
|
|
||||||
ret = ldb_map_init(module, entryuuid_attributes, entryuuid_objectclasses, entryuuid_wildcard_attributes, "extensibleObject", NULL);
|
ret = ldb_map_init(module, entryuuid_attributes, entryuuid_objectclasses, entryuuid_wildcard_attributes, "samba4Top", NULL);
|
||||||
if (ret != LDB_SUCCESS)
|
if (ret != LDB_SUCCESS)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
@ -697,7 +697,7 @@ static int nsuniqueid_init(struct ldb_module *module)
|
|||||||
struct map_private *map_private;
|
struct map_private *map_private;
|
||||||
struct entryuuid_private *entryuuid_private;
|
struct entryuuid_private *entryuuid_private;
|
||||||
|
|
||||||
ret = ldb_map_init(module, nsuniqueid_attributes, NULL, nsuniqueid_wildcard_attributes, "extensibleObject", NULL);
|
ret = ldb_map_init(module, nsuniqueid_attributes, NULL, nsuniqueid_wildcard_attributes, "samba4Top", NULL);
|
||||||
if (ret != LDB_SUCCESS)
|
if (ret != LDB_SUCCESS)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
|
|||||||
@ -125,21 +125,23 @@ attributeID: 1.3.6.1.4.1.7165.4.1.7
|
|||||||
attributeSyntax: 2.5.5.4
|
attributeSyntax: 2.5.5.4
|
||||||
oMSyntax: 20
|
oMSyntax: 20
|
||||||
|
|
||||||
|
#
|
||||||
dn: CN=unixName,${SCHEMADN}
|
# Not used anymore
|
||||||
cn: unixName
|
#
|
||||||
name: unixName
|
#dn: CN=unixName,${SCHEMADN}
|
||||||
objectClass: top
|
#cn: unixName
|
||||||
objectClass: attributeSchema
|
#name: unixName
|
||||||
lDAPDisplayName: unixName
|
#objectClass: top
|
||||||
isSingleValued: TRUE
|
#objectClass: attributeSchema
|
||||||
systemFlags: 16
|
#lDAPDisplayName: unixName
|
||||||
systemOnly: FALSE
|
#isSingleValued: TRUE
|
||||||
schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2
|
#systemFlags: 16
|
||||||
adminDisplayName: Unix-Name
|
#systemOnly: FALSE
|
||||||
attributeID: 1.3.6.1.4.1.7165.4.1.9
|
#schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2
|
||||||
attributeSyntax: 2.5.5.4
|
#adminDisplayName: Unix-Name
|
||||||
oMSyntax: 20
|
#attributeID: 1.3.6.1.4.1.7165.4.1.9
|
||||||
|
#attributeSyntax: 2.5.5.4
|
||||||
|
#oMSyntax: 20
|
||||||
|
|
||||||
#
|
#
|
||||||
# Not used anymore
|
# Not used anymore
|
||||||
@ -175,7 +177,6 @@ oMSyntax: 20
|
|||||||
#Allocated: (ditContentRules) samba4DitContentRules: 1.3.6.1.4.1.7165.4.255.6
|
#Allocated: (ditContentRules) samba4DitContentRules: 1.3.6.1.4.1.7165.4.255.6
|
||||||
#Allocated: (attributeTypes) samba4AttributeTypes: 1.3.6.1.4.1.7165.4.255.7
|
#Allocated: (attributeTypes) samba4AttributeTypes: 1.3.6.1.4.1.7165.4.255.7
|
||||||
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Fedora DS uses this attribute, and we need to set it via our module stack
|
# Fedora DS uses this attribute, and we need to set it via our module stack
|
||||||
#
|
#
|
||||||
@ -226,9 +227,132 @@ objectClassCategory: 1
|
|||||||
lDAPDisplayName: samba4LocalDomain
|
lDAPDisplayName: samba4LocalDomain
|
||||||
schemaIDGUID: 07be1647-8310-4fba-91ae-34e55d5a8293
|
schemaIDGUID: 07be1647-8310-4fba-91ae-34e55d5a8293
|
||||||
systemOnly: FALSE
|
systemOnly: FALSE
|
||||||
systemAuxiliaryClass: samDomainBase
|
systemAuxiliaryClass: samDomain
|
||||||
defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
|
defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
|
||||||
systemFlags: 16
|
systemFlags: 16
|
||||||
defaultHidingValue: TRUE
|
defaultHidingValue: TRUE
|
||||||
defaultObjectCategory: CN=Builtin-Domain,${SCHEMADN}
|
defaultObjectCategory: CN=Builtin-Domain,${SCHEMADN}
|
||||||
|
|
||||||
|
|
||||||
|
dn: CN=Samba4Top,${SCHEMADN}
|
||||||
|
objectClass: top
|
||||||
|
objectClass: classSchema
|
||||||
|
subClassOf: top
|
||||||
|
governsID: 1.3.6.1.4.1.7165.4.2.1
|
||||||
|
mayContain: msDS-ObjectReferenceBL
|
||||||
|
rDNAttID: cn
|
||||||
|
showInAdvancedViewOnly: TRUE
|
||||||
|
adminDisplayName: Samba4TopTop
|
||||||
|
adminDescription: Attributes used in top in Samba4 that OpenLDAP does not
|
||||||
|
objectClassCategory: 3
|
||||||
|
lDAPDisplayName: samba4Top
|
||||||
|
schemaIDGUID: 073598d0-635b-4685-a929-da731b98d84e
|
||||||
|
systemOnly: TRUE
|
||||||
|
systemPossSuperiors: lostAndFound
|
||||||
|
systemMayContain: url
|
||||||
|
systemMayContain: wWWHomePage
|
||||||
|
systemMayContain: wellKnownObjects
|
||||||
|
systemMayContain: wbemPath
|
||||||
|
systemMayContain: uSNSource
|
||||||
|
systemMayContain: uSNLastObjRem
|
||||||
|
systemMayContain: USNIntersite
|
||||||
|
systemMayContain: uSNDSALastObjRemoved
|
||||||
|
systemMayContain: systemFlags
|
||||||
|
systemMayContain: subRefs
|
||||||
|
systemMayContain: siteObjectBL
|
||||||
|
systemMayContain: serverReferenceBL
|
||||||
|
systemMayContain: sDRightsEffective
|
||||||
|
systemMayContain: revision
|
||||||
|
systemMayContain: repsTo
|
||||||
|
systemMayContain: repsFrom
|
||||||
|
systemMayContain: directReports
|
||||||
|
systemMayContain: replUpToDateVector
|
||||||
|
systemMayContain: replPropertyMetaData
|
||||||
|
systemMayContain: name
|
||||||
|
systemMayContain: queryPolicyBL
|
||||||
|
systemMayContain: proxyAddresses
|
||||||
|
systemMayContain: proxiedObjectName
|
||||||
|
systemMayContain: possibleInferiors
|
||||||
|
systemMayContain: partialAttributeSet
|
||||||
|
systemMayContain: partialAttributeDeletionList
|
||||||
|
systemMayContain: otherWellKnownObjects
|
||||||
|
systemMayContain: objectVersion
|
||||||
|
systemMayContain: nonSecurityMemberBL
|
||||||
|
systemMayContain: netbootSCPBL
|
||||||
|
systemMayContain: ownerBL
|
||||||
|
systemMayContain: msDS-ReplValueMetaData
|
||||||
|
systemMayContain: msDS-ReplAttributeMetaData
|
||||||
|
systemMayContain: msDS-NonMembersBL
|
||||||
|
systemMayContain: msDS-NCReplOutboundNeighbors
|
||||||
|
systemMayContain: msDS-NCReplInboundNeighbors
|
||||||
|
systemMayContain: msDS-NCReplCursors
|
||||||
|
systemMayContain: msDS-TasksForAzRoleBL
|
||||||
|
systemMayContain: msDS-TasksForAzTaskBL
|
||||||
|
systemMayContain: msDS-OperationsForAzRoleBL
|
||||||
|
systemMayContain: msDS-OperationsForAzTaskBL
|
||||||
|
systemMayContain: msDS-MembersForAzRoleBL
|
||||||
|
systemMayContain: msDs-masteredBy
|
||||||
|
systemMayContain: mS-DS-ConsistencyGuid
|
||||||
|
systemMayContain: mS-DS-ConsistencyChildCount
|
||||||
|
systemMayContain: msDS-Approx-Immed-Subordinates
|
||||||
|
systemMayContain: msCOM-PartitionSetLink
|
||||||
|
systemMayContain: msCOM-UserLink
|
||||||
|
systemMayContain: masteredBy
|
||||||
|
systemMayContain: managedObjects
|
||||||
|
systemMayContain: lastKnownParent
|
||||||
|
systemMayContain: isPrivilegeHolder
|
||||||
|
systemMayContain: isDeleted
|
||||||
|
systemMayContain: isCriticalSystemObject
|
||||||
|
systemMayContain: showInAdvancedViewOnly
|
||||||
|
systemMayContain: fSMORoleOwner
|
||||||
|
systemMayContain: fRSMemberReferenceBL
|
||||||
|
systemMayContain: frsComputerReferenceBL
|
||||||
|
systemMayContain: fromEntry
|
||||||
|
systemMayContain: flags
|
||||||
|
systemMayContain: extensionName
|
||||||
|
systemMayContain: dSASignature
|
||||||
|
systemMayContain: dSCorePropagationData
|
||||||
|
systemMayContain: displayNamePrintable
|
||||||
|
systemMayContain: displayName
|
||||||
|
systemMayContain: description
|
||||||
|
systemMayContain: cn
|
||||||
|
systemMayContain: canonicalName
|
||||||
|
systemMayContain: bridgeheadServerListBL
|
||||||
|
systemMayContain: allowedChildClassesEffective
|
||||||
|
systemMayContain: allowedChildClasses
|
||||||
|
systemMayContain: allowedAttributesEffective
|
||||||
|
systemMayContain: allowedAttributes
|
||||||
|
systemMayContain: adminDisplayName
|
||||||
|
systemMayContain: adminDescription
|
||||||
|
systemMustContain: objectCategory
|
||||||
|
systemMustContain: nTSecurityDescriptor
|
||||||
|
systemMustContain: instanceType
|
||||||
|
systemAuxiliaryClass: samba4TopExtra
|
||||||
|
defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
|
||||||
|
systemFlags: 16
|
||||||
|
defaultHidingValue: TRUE
|
||||||
|
objectCategory: CN=Class-Schema,${SCHEMADN}
|
||||||
|
defaultObjectCategory: CN=Samba4Top,${SCHEMADN}
|
||||||
|
|
||||||
|
|
||||||
|
dn: CN=Samba4TopExtra,${SCHEMADN}
|
||||||
|
objectClass: top
|
||||||
|
objectClass: classSchema
|
||||||
|
subClassOf: top
|
||||||
|
governsID: 1.3.6.1.4.1.7165.4.2.3
|
||||||
|
rDNAttID: cn
|
||||||
|
showInAdvancedViewOnly: TRUE
|
||||||
|
adminDisplayName: Samba4TopExtra
|
||||||
|
adminDescription: Attributes used in top in Samba4 that OpenLDAP does not
|
||||||
|
objectClassCategory: 2
|
||||||
|
lDAPDisplayName: samba4TopExtra
|
||||||
|
schemaIDGUID: 073598d0-635b-4685-a929-da731b98d84e
|
||||||
|
systemOnly: TRUE
|
||||||
|
mayContain: privilege
|
||||||
|
systemPossSuperiors: lostAndFound
|
||||||
|
defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
|
||||||
|
systemFlags: 16
|
||||||
|
defaultHidingValue: TRUE
|
||||||
|
objectCategory: CN=Class-Schema,${SCHEMADN}
|
||||||
|
defaultObjectCategory: CN=Samba4TopExtra,${SCHEMADN}
|
||||||
|
|
||||||
|
|||||||
@ -71,8 +71,6 @@ index objectCategory eq
|
|||||||
index member eq
|
index member eq
|
||||||
index uidNumber eq
|
index uidNumber eq
|
||||||
index gidNumber eq
|
index gidNumber eq
|
||||||
index unixName eq
|
|
||||||
index privilege eq
|
|
||||||
index nCName eq
|
index nCName eq
|
||||||
index lDAPDisplayName eq
|
index lDAPDisplayName eq
|
||||||
index subClassOf eq
|
index subClassOf eq
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user