On Mon, 2011-02-07 at 08:28 +0100, Marcel Ritter wrote: > Hi, > > just a short update on this issue: > > By using strace and having a look at the source code, I found the > reason for the named error: > > Accessing samba database via ldapi requires the use of ildap.so > (samba ldb module, which is not located in "standard ldb modules > path"). Just setting LDB_MODULES_PATH to the directory containing > it makes named start: > > export LDB_MODULES_PATH=/usr/lib/samba/ldb/ > named -u named > -> startup complete > > So it wasn't my first suspect "ldap uri": > ldapi:///var/lib/samba4/private/ldap_priv/ldapi > ldapi://%2Fvar%2Flib%2Fsamba4%2Fprivate%2Fldap_priv%2Fldapi > > This leaves me with the task to finally get some DNS entries into the > samba database :-)
The only way to get DNS entries in is by replicating an existing Microsoft DNS server. Anyway, the reason there isn't any documentation is that it's not really finished. We got it to the point where we were able to show that BIND9.8 when released would do what we want, when we are loaded with the dlopen dlz plugin. That was an important milestone, as it is more difficult to get a new BIND version to Samba4 users than an updated plugin. >From here, we need to come up with a secure read/write approach over LDAPI, with transactions of some kind, and tidy up some other details. Then we will publish some more docs on this. But in the meantime, you seem to have cracked the setup for the less secure, unsafe (no transactions) but works-for-a-demo mode of operation :-). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
