samba_2_2 sambatest (security=server) and ldap performance
Ignacio Coupeau
icoupeau at unav.es
Thu Oct 31 10:29:00 GMT 2002
We have several samba printservers and fileservers with
"security=server" validating against several PDC with ldap (samba 2.2.6).
I found a lot of ldap request like:
(uid=SAMBATESTPSERVER04)
beating the ldap servers: one before *each* validation in every print
job or share session.
I found this is related with a security issue as Jeremy says in the
server_validate() function.
To avoid this I tried to use security=domain because server_validate()
is called by check_server_security(), but our servers joined to the
domain-asigned likes very much ask to the neighborn PDC as
"security=server" than their domain-asigned-server (perhaps the
subneting, or so... is a big and complex network).
The question is if I can skip the code around
"if(!tested_password_server) {"
to avoid the calls to ldap and if it is safe.
We are using only samba servers.
Any idea?
Thanks
Ignacio
--
____________________________________________________
Ignacio Coupeau, Ph.D. e-mail: icoupeau at unav.es
CTI, Director fax: 948 425619
University of Navarra voice: 948 425600
Pamplona, SPAIN http://www.unav.es/cti/
More information about the samba-technical
mailing list