Hello Andrew. On Fri, May 27, 2016 at 5:20 PM, Andrew Bartlett <abartlet at samba.org> wrote:> On Fri, 2016-05-27 at 12:18 -0300, Marcelo Terres wrote: >> Hello. >> >> Just one doubt: Samba4 already supports CLDAP requests? > > Yes, we support CLDAP. What made you have this doubt? >I'm using Sophos UTM and I'm trying to add the machine in Domain. I notice in wireshark that a CLDAP query is done sucessfully, but it returns 0 elements (image attached). After that, the operation fails. I thought that it could be because CLDAP is not fully implemented or something like that. Regards,> We don't maintain a comprehensive feature list, you may wish to first > install Samba4 and see what it does before wondering bout or doubting > each feature. > > Thanks, > > Andrew Bartlett > > -- > Andrew Bartlett http://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba > > >
On Mon, 2016-05-30 at 12:27 -0300, Marcelo Terres wrote:> Hello Andrew. > > On Fri, May 27, 2016 at 5:20 PM, Andrew Bartlett <abartlet at samba.org> > wrote: > > On Fri, 2016-05-27 at 12:18 -0300, Marcelo Terres wrote: > > > Hello. > > > > > > Just one doubt: Samba4 already supports CLDAP requests? > > > > Yes, we support CLDAP. What made you have this doubt? > > > > I'm using Sophos UTM and I'm trying to add the machine in Domain. I > notice in wireshark that a CLDAP query is done sucessfully, but it > returns 0 elements (image attached). After that, the operation fails. > > I thought that it could be because CLDAP is not fully implemented or > something like that.There are many unimplemented features in Samba compared with AD, and certainly plenty of differing behaviours, but few that seem to matter in real-world production. It is entirely reasonable to assume you may have found one, but to validate that we will need: - a proper PCAP file, not a redacted screenshot - a comparison between Samba4 and Windows AD - this test re-confirmed on git master. If you could do that, and get back to us with a bug, we may be able to help further. Thanks! Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
Thanks Andrew. I'll try to get the pcap in AD to compare with the Samba4 pcap, and if I found the problem I'll open the bug. Regards, Marcelo Hartmann Terres Fones: +55 51 3024-3568 | +55 11 4063-8864 | +55 92 3090-0115 Propus - TI alinhada a negócios Service | Telecom | Tech | Data Science www.propus.com.br On Mon, May 30, 2016 at 3:27 PM, Andrew Bartlett <abartlet at samba.org> wrote:> On Mon, 2016-05-30 at 12:27 -0300, Marcelo Terres wrote: >> Hello Andrew. >> >> On Fri, May 27, 2016 at 5:20 PM, Andrew Bartlett <abartlet at samba.org> >> wrote: >> > On Fri, 2016-05-27 at 12:18 -0300, Marcelo Terres wrote: >> > > Hello. >> > > >> > > Just one doubt: Samba4 already supports CLDAP requests? >> > >> > Yes, we support CLDAP. What made you have this doubt? >> > >> >> I'm using Sophos UTM and I'm trying to add the machine in Domain. I >> notice in wireshark that a CLDAP query is done sucessfully, but it >> returns 0 elements (image attached). After that, the operation fails. >> >> I thought that it could be because CLDAP is not fully implemented or >> something like that. > > There are many unimplemented features in Samba compared with AD, and > certainly plenty of differing behaviours, but few that seem to matter > in real-world production. It is entirely reasonable to assume you may > have found one, but to validate that we will need: - a proper PCAP file, not a redacted screenshot - a comparison between Samba4 and Windows AD - this test re-confirmed on git master. > If you could do that, and get back to us with a bug, we may be able to > help further. > Thanks! > Andrew Bartlett > > -- > Andrew Bartlett http://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba > > >