Broadening the scope of the negative connection cache
Gerald (Jerry) Carter
jerry at samba.org
Tue May 13 14:43:21 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Volker Lendecke wrote:
> While there -- can we move the idmap cache there as well?
>
> What that would do: smbd could also put stuff in there. This
> is really necessary for people having ACLs and "hide
> unreadable". For each file we have to translate the gids to
> sids. This basically took down a PDC's LDAP server of a
> customer of mine. No winbind around, just smbd.
Hmm....not sure I'm initially as supportive of that idea. But I'll
think on it and maybe convince myself differently.
Why can't they run winbindd? Internally smbd has a sid/uid/gid
cache. Maybe that should be in gencache. But I'd like to keep
Winbindd's idmap cache separate.
PS: I do believe that Winbind's idmap cache needs to be cleaned
up. For example, caching the forward and reverse map entries
should be in a single transaction.
cheers, jerry
- --
=====================================================================
Samba ------- http://www.samba.org
Likewise Software --------- http://www.likewisesoftware.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIKakJIR7qMdg1EfYRAn9OAKDmTMFFlh/mpwpG/1oInD07QmsycwCgsmYX
mNYLgJhemYq/rPVB0FnACoU=
=huP5
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list