make 'ldap trust ids' the default?

Markus Schabel markus.schabel at
Sun Nov 3 15:43:01 GMT 2002

Andrew Bartlett wrote:

>I've just committed a patch that adds a new 'ldap trust ids' smb.conf
>Currently defaulting to off, this option allows pdb_ldap to use the ldap
>server directly to determine if a user 'exists' in unix.
>This gives us a performance boost, particularly on enumerations: 
>(Removes the extra lookup per record).  
>The logic is such that if there are no posixAccount attributes for a
>user, we try getpwnam(), it's just that we look in LDAP first.
>As such, do people think we should have this by default?  
>This was a fix to solve some particular problems that metze had, and
>I'll see if I can get some feedback on exactly how much this helps.
>Andrew Bartlett
That sounds like a good idea, to do it as default or not is a good 
question, when you have a little user database it isn't really helpfull, 
but I think it should be on by default. If I could only find some time 
somewhere, I'll take a look at this.


Markus Schabel
| TGM - Die Schule der Technik               |
| IT-Service                                 |
| A-1200 Wien, Wexstrasse 19-23              |
| Tel.: +43(1)33126/316 Fax: +43(1)33126/154 |
| eMail: markus.schabel at            |

More information about the samba-technical mailing list