Broadening the scope of the negative connection cache

Volker Lendecke Volker.Lendecke at SerNet.DE
Tue May 13 14:35:20 GMT 2008


On Tue, May 13, 2008 at 09:29:43AM -0500, Gerald (Jerry) Carter wrote:
> > The obvious solution would be to migrate the negative 
> > connection cache to be stored in a different way, probably
> > as a TDB file.  This would allow every child process to share
> > the failure information.
> 
> I believe the easiest way to achieve this is simply to
> use the gencache API and set a 60 second TTL on entries.

While there -- can we move the idmap cache there as well?

What that would do: smbd could also put stuff in there. This
is really necessary for people having ACLs and "hide
unreadable". For each file we have to translate the gids to
sids. This basically took down a PDC's LDAP server of a
customer of mine. No winbind around, just smbd.

Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20080513/a3b547e1/attachment.bin


More information about the samba-technical mailing list