Wrong usage of lp_idmap_backend() value?
Jeremy Allison
jra at samba.org
Thu Jul 3 05:34:24 GMT 2003
On Thu, Jul 03, 2003 at 07:31:16AM +0200, Stefan (metze) Metzmacher wrote:
> At 18:09 02.07.2003 +0000, Jeremy Allison wrote:
> >On Wed, Jul 02, 2003 at 07:16:30PM +0300, Alexander Bokovoy wrote:
> > > Greetings!
> > >
> > > In smbd/server.c we are supposed to use value of 'idmap backend' option to
> > > initialize idmap but code logic is different: it decides to override
> > > everything in 'idmap backend' by 'winbind' unless 'idmap backend' is empty
> > > in which case we supply NULL as argument to idmap_init().
> >
> >It's on purpose. smbd should only talk to winbindd as a
> >remote backend. winbindd can talk to the configured backends.
>
> This is very bad!
>
> I think it have to be possible to use
> passdb backend = ldapsam
> idmap backend = ldap
>
> without using winbind!!!
> (I'm using nss_ldap)
The problem with this is it causes many smbd connections to
ldap and has been reported to overload ldap servers. Funelling
everything via winbindd prevents this problem.
Jeremy.
More information about the samba-technical
mailing list