Proposals for idmap backend redesign [was Re: svn commit: samba r16822 - in trunk/source/include: .]

Jeremy Allison jra at
Wed Jul 5 18:26:55 GMT 2006

On Wed, Jul 05, 2006 at 10:20:06AM -0500, Gerald (Jerry) Carter wrote:
> Here is what Volker proposed to me this morning on the phone.
> Separate the authoritative and caching functions. Currently
> we label id backends as local or remote with the latter using
> caching provided by the local tdb backend.  Let's remove local
> vs. remote and simply have a persistent vs. cache relationship.
> The persistent can be heavy (transactional local db, remote
> LDAP, AD, etc...) which the caching layer is lighter (possibly
> reuse gencache).

Sound right to me. Correct separation of mechanism and policy.

> The cache can be shared by smbd and winbindd thus removing
> the sid to id cache in lookup_sid.c.  The persistent backend
> and hence uid/gid allocation is only provided by winbindd.

Yes - and separate out the request for an id mapping and
the allocation of a new one. Push that up into the caller
to make that decsision.

> This way we can
> (a) have drop replacements for persistent storage
> (b) have a tunable expiring cache layer that is reused by all.
> Sound reasonable?  I will volunteer to do the initial
> redesign work if everyone agrees.

Sounds fine to me. Thanks,


More information about the samba-technical mailing list