svn commit: samba r10838 - in
abartlet at samba.org
Sun Oct 9 09:51:31 GMT 2005
On Sun, 2005-10-09 at 11:44 +0200, Volker Lendecke wrote:
> On Sun, Oct 09, 2005 at 07:03:42PM +1000, Andrew Bartlett wrote:
> > My only worry is that we now have two ways we get the auth2'ed pipe:
> > Either in the librpc code or in winbindd. Your approach nicely takes
> > advantage of the way I re-designed that area, however.
> winbind needs to take care of finding DC's and keeping connections open to
> domain controllers anyway. Opening many persistent SMB connections to DC's is
> not an option, there might be *many* of them. I've seen an installation with
> 500 resource domains all trusting a single central user domain. Every resource
> domain was equipped with PDC and BDC, and the (older) winbinds on those opened
> 3-4 connections to the 2 central DC's each. That just killed the central
> DC's. This installation started the rpc redesign in Samba3. So in Samba4 I'd
> rather not make this mistake again and re-use SMB connections as much as I
The RPC-SCHANNEL test tries to share connections, using
dcerpc_secondary_connection(). It's a bit messy however.
> So I'd rather vote for winbind providing the services everybody needs via
> irpc than everybody opening connections himself.
This is certainly a worthwhile approach.
> > Examples of how to do a netlogon are in the RPC-SCHANNEL, RPC-SAMLOGON
> > and RPC-NETLOGON tests. I personally really like the SamLogonEx call,
> > where we don't have to worry about the credentials chaining (but we need
> > to make Samba3 support it, and fallback...).
> You know how I think about backwards compatibility. :-)
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051009/3cfcbf88/attachment.bin
More information about the samba-technical