[patch] ldb in Samba3
tridge at samba.org
tridge at samba.org
Sat Sep 23 03:38:13 GMT 2006
Volker,
> > Question: In alias_memberships, why didn't you use one big
> > ldb filter or'ing all the SIDs? If we ever back this to
> > LDAP, we save a lot of round trips this way.
>
> yes, that would certainly be more efficient on a network. I was really
> just being lazy, and not doing the talloc_asprintf_append() loop. I'll
> fix it up.
err, I'm an idiot. We don't need that function at all! I'd just
forgotten the old adage "don't test first, try and see if it fails"
Instead of having the whole alias_memberships() function, we just need
this in modify_aliasmem():
if (operation == LDB_FLAG_MOD_ADD &&
ret == LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
return NT_STATUS_MEMBER_IN_ALIAS;
}
and the ldb error code tells us if the member is already there. That
also means we don't need the is_aliasmem() function.
Also, I've changed to storing each domain in a separate subtree. That
means we don't need the ugly wildcard search on SIDs, and we don't
need to mark it WILDCARD. That should be friendlier for real ldap
databases too.
New patch attached.
Cheers, Tridge
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ldb_groupdb.patch
Type: application/octet-stream
Size: 56027 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20060922/1cad6e3e/ldb_groupdb.obj
More information about the samba-technical
mailing list