sambauser at katehok.ac93.org
Thu Sep 23 03:55:16 GMT 2004
Andrew Bartlett wrote:
> While you are at it, we also need to improve the performance of the
> 'users in this group' call. I have the clients at my site making this
> call, much to my frustration, as it currently does a 'getent passwd'
> over the entire directory, looking for primary gids. We should do an
> LDAP search for that information too.
Well... This is a little bit trickier since you probably refer to the
If I understand philosophy behind Samba correctly (which I doubt) its
passwd/group/host databases are supposed to be maintained independently
of where local system keeps its own corresponding databases.
Unfortunately, with LDAP it is no more true - ldapsam too heavily
depends on Unix users and groups being in LDAP and being represented by
posixAccount and posixGroup. Somehow this dependance was not caried
completely through and some passdb code still uses NSS calls to retrieve
local user or group information showing the "independence of databases"
spirit regardless of what backend is used.
The change I've made did not change the functionality of the call since
it already had the "all information is in LDAP" attitude. The patch just
made this a little bit more optimal. That why I was quite comforable
suggesting the change.
On the other hand, suggestion for a similar change in get_memberuids()
will require another passdb function to give up its "independance" and
let ldapsam assume yet again that all local users and databases are in LDAP.
It would be quite helpful if somebody among real (older? more
experienced?) Samba maintainers would explain which of the two
directions Samba is heading.
More information about the samba-technical