[Samba] How to use ldapsam only for authentication?
Volker Lendecke
Volker.Lendecke at SerNet.DE
Fri Jan 29 06:39:32 UTC 2016
On Thu, Jan 28, 2016 at 10:30:55PM +0100, Meike Stone wrote:
> it is only a standalone server, no sid/gid (mapping) needed. All users
> and groups are local (passwd/groups) maintained.
> We only want to authenticate the users against the ldap server
> (openDJ). No Active Directory is used.
>
> But if I configure, there are a lot (to much) ldap searches/request,
> that only waste time and cpu. The requesting smbd process does not get
> back a usable (empty) result. So i think, then (after ldap search) the
> smbd process asks the system and get the proper information.
> Samba is running well in this configuration.
>
> I'm looking for a way to disable this ldap request, because at the
> moment are only a few files on the server, but I want migrate Windows
> file servers on it. So I'm afraid that the performance of the samba
> will go down and my ldap server will collapse.
So you have two choices: Diagnose why this is done with
debug level 10 logs and ldap network traces and then remove
those calls. The alternative is to set up a LDAP slave
server on the Samba server.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba
mailing list