get_domain_user_groups() improvement.
Igor Belyi
sambauser at katehok.ac93.org
Sun Sep 26 06:18:30 GMT 2004
Andrew Bartlett wrote:
> On Sat, 2004-09-25 at 04:13, Igor Belyi wrote:
>>Then get_memberuids() is doomed. To get the list of all users whose
>>primary group has a particular gid you need to either have their
>>posixAccount in LDAP to allow filter to do the work or list all users
>>via NSS as get_memberuids() function does now.
>
> Unfortunately we are now so far into the 3.0 series that we can't
> realistically break any 'working' configuration, no matter how much I
> may feel it's brain-dead or otherwise ;-). Naturally, that didn't stop
> the performance issue being introduced for correctness, but what we can
> do is guard the fix with 'ldap trust ids' (or a better name) as a
> smb.conf parameter.
Would you look at that! All 'query' backends (ldap, mysql, pgsql) has
primaryGroupSid in their Samba user databases and this is enough to have
the requested optimization.
The attached patch introduces yet another pdb interface method
enum_group_prmembers to retrieve SIDs of users with the given
primaryGroupSid. Its default implementation goes through all users as it
was done in get_memberuids(). Implementations in ldap, mysql, and pgsql
backends use correct filter and query.
get_memberuids() is adjusted to use this new method instead of going
through all users all the time.
This patch is made on top of my previous patch.
I've tested it a little - group members are shown correctly and smbd
doesn't crash.
Hope you like it. Note, no "ldap trust ids" is necessary. :o)
Igor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: samba-3.0.7-enum_group_prmembers.patch
Type: text/x-patch
Size: 22191 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20040926/4739bf60/samba-3.0.7-enum_group_prmembers.bin
More information about the samba-technical
mailing list