[PATCH] New external idmap module
simo
idra at samba.org
Tue May 30 22:19:41 GMT 2006
On Wed, 2006-05-31 at 00:12 +0200, Volker Lendecke wrote:
> On Tue, May 30, 2006 at 06:00:01PM -0400, simo wrote:
> > > If this is needed I would much rather see a script forked
> > > per unknown SID that is then entered into the
> > > winbindd_idmap.tdb.
> >
> > No this would not work for people that want a consistent mapping and
> > want to use their own mapping facility.
>
> Why not? If you have a local cache then hitting unknown SIDs
> should be rare enough that we can afford a fork and exec I
> think. What this script then does is completely up to that.
In some cases the remote map may not have a mapping for a specific SID,
in that case the script would be hit really too often, because we do not
have a negative caching.
> > And no, requiring to do an rm winbindd_idmap.tdb and restarting samba is
> > not what I consider a nice and easy way to do it.
>
> It's not nice, but the whole idea of changing mappings is
> dirty and broken enough that this does not add much mud. If
> you want to speed that up you can pre-populate an idmap and
> distribute it.
This is a way to do it, just easier.
> > Forking a script for each mapping when idmap_external is a local cache
> > would be overkill.
>
> What do you mean by "idmap_external" being a local cache? I
> don't see how we can do without the winbindd_idmap.tdb at
> all. This is just too speed sensitive.
No it is not, as smbd has it's own local in memory cache for speed
purposes.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org
More information about the samba-technical
mailing list