About

I am an Information Technology professional with 8+ years of experience in IT hardware and software, network and database administration, development and support.

I created this site to make the occasional post on IT-related topics I find interesting.  While my current employment focuses more on network administration and support, I also enjoy learning and developing in a variety programming languages and database technologies on the side.

One thought on “About

  1. Ben Mehlman

    Hi Rob, thanks a LOT for the AD security descriptor code. I’d run into the same problem. Our master user database is contained in a postgres database on linux with mainly python (Django) applications. But we wanted to synchronize with AD and Google Apps as well as the phone system. Everything was fine except for this one flag…..

    As it turned out, I had already, in the past.. moved my client code from linux over to windows and made it into a windows service (still in python.. there’s a great library for that).. and we use JSON encoded messages via rabbitmq to tell the service what to do, and to get responses back. So I COULD have used the python bindings to the windows python ADSI for everything after all. The reason I moved it to Windows was so that the same process that sets the user up and maintains the user in AD could also maintain their home directory, which required being on a Windows box to set the permissions. I also store the users GUID in a special fork in the users home directory object so that even if the directory is renamed or the user is renamed, the service can find it and set them to match again. But although running on windows, I kept the AD stuff as LDAP and wanted to keep it LDAP so that it could be used on Linux again whenever needed in the future. So your code really helped with that.

    It’s unfortunate that Microsoft didn’t see fit to present these permissions (which I guess are the same as regular NT file permissions in an LDAP-friendly way, since LDAP does support lists and nesting it would have made things a lot nicer. But that’s Microsoft for ya.. open standards but not for this ONE THING.. that happens to be really important…

    Anyway thanks again, and if I can ever help you with anything let me know. If you’d like my windows service code I’m sure it would be ok to send you that.. you might find parts of it useful. Or if you are interested in Google synchronization…

    Take Care
    Ben

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


*