access idmap cache directly from smbd
Gerald (Jerry) Carter
jerry at samba.org
Tue Aug 19 12:32:16 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Volker Lendecke wrote:
> On Mon, Aug 18, 2008 at 04:28:32PM -0700, Jeremy Allison wrote:
>> Pseudocode to try and make things clearer...
>>
>> smbd_check_winbindd_cache();
>> if (!in_cache) {
>> smbd_check_in_local_memory_cache();
>> }
>> if (!in_cache) {
>> ask_winbindd();
>> }
>>
>> do_legacy_mapping_and_store_in_local_memory_cache();
>
> What about the case where winbind does not run, we have
> pdb_ldap as a DC, and we use "hide unreadable"? Every smbd
> has to ask ldap itself. This is what killed the LDAP server
> for me.
Hey VOlker,
The possibilities from the discussion are (as I understand
them are):
a) Utilize the winbind cache as a cache management, database
layer used by both smbd and winbindd
b) Add a local caching mechanism on a per pdb instance
(i.e. just in pdb_ldap)
c) Extend smbd's in memory sid/id cache to a tdb that can
be shared by all smbd processes but is individual from
winbind's own idmap cache.
The issue with (a) is that it recouples winbindd to smbd
by relying on a common cache manager (instead of the API
we have now). Solution (b) means duplicate code in every
pdb that needs a cache. But (c) seems perfectly valid.
I don't understand what the problem is with that solution.
Architecturally it is very satisfying to me. Also it solves
the scenario you describe above as well as the general case.
cheers, jerry
- --
=====================================================================
Samba ------- http://www.samba.org
Likewise Software --------- http://www.likewisesoftware.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIqr1QIR7qMdg1EfYRAmhIAJ91kUjusAKumFdONypdsqYU6IYvDQCg22/I
ue47iiJ+VD+kzuxmYfLex4M=
=pkc8
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list