Michael Ströder wrote:
Dieter Klünter wrote:Am Wed, 10 Dec 2014 00:01:11 +0100 schrieb Michael Ströder <michael@stroeder.com>:Dieter Klünter wrote:Am Tue, 09 Dec 2014 18:46:55 +0100 schrieb Michael Ströder <michael@stroeder.com>:Another packaging decision: Is building with -DLDAP_CONNECTIONLESS of any real use? Is there any harm using it?There should be no harm to compile. Early Samba4 used udp for transport.I thought Samba4 has its own LDAP client and server implementation.As I mentioned 'early Samba4', and development leading to 4.Are you sure Samba4 uses connection-less LDAP implementation of OpenLDAP's libldap?They are, for the time being, not using libldap.=> dropped -DLDAP_CONNECTIONLESS BTW: Experience shows that the code of rarely needed or unused features most times get not much attention. Thus it's also a security measure not to add it.
As I noted at the beginning of this year, http://symas.com/docs/2014FOSDEM-WhatsNewInOpenLDAP.pdf there has been a renewed effort to build Samba4/AD compatibility inside OpenLDAP. This LDAP_CONNECTIONLESS feature was originally written for PADL's XAD, an AD clone built on top of OpenLDAP, and it is being reused for the same purpose (AD compatibility) again now.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/