[SCM] Samba Shared Repository - branch master updated - 62791bbd030f7db272ca68260a4f7586de6576d0

Gerald (Jerry) Carter jerry at samba.org
Tue Sep 16 20:12:09 GMT 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Volker Lendecke wrote:
> On Tue, Sep 16, 2008 at 12:50:33PM -0500, Gerald (Jerry) Carter wrote:
>> It's the correct place IMO.  If you look at query_user,
>> whe the netsamlog_cache entry is inplace, we call
>> nss_get_info_cached() since we've already cached info
>> hopefully.  But if we have not, the nss_get_info() is passed
>> a NULL ADS pointer.   Note that the *only* reason I ever included
>> the ADS_STRUCT* in the API signature here was to allow
>> winbindd_ads.c to pass in previous search results (if it had them)
>> as an optimization.
>>
>> Does that make sense?
> 
> Well, I just don't understand that whole logic in that
> routine with regards to the ADS_STRUCT. We have two structs
> in that routine, one from ad_idmap_cached_connection() and
> the other one potentially passed in as a parameter. Why
> those two? My impression would be that we should reduce the
> number of connections to the DC, and not increase them.
> Every connection setup takes round-trips. I thought that
> winbindd_cm.c was initially thought as the central
> connection manager for RPC connections, trying to optimize
> the number of 445 connections.
> 
> Can you explain the difference between the
> ad_idmap_cached_connection() and the one passed in?

It's a hack.  Consider the case where you are enumerating users.
You have the winbindd_methods layer above the idmap and nss_info
layers.  The winbind_methods layer uses winbindd_cm but the idmap
and nss_info layer have always had to use their own connection
management.

When you enumerate users (prior to nss_info API about 18 months
ago), winbindd_ads would query AD using LDAP to enumerate users
and pull the posix attributes at the same time.  I added the ADS_STRUCT
parameter as a means specifically for idmap_ad to be able to
use the information already returned by winbindd_ads.c.  I'm more than
happy to drop that parameter since it is a gross hack.  It would
only affect idmap_ad and since I'm about to fix the connection
management in thatr plugin, I'm more than happy to let it go away.



cheers, jerry
- --
=====================================================================
Samba                                    ------- http://www.samba.org
Likewise Software          ---------  http://www.likewisesoftware.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI0BMZIR7qMdg1EfYRAuB4AKCwnuguWw3FatVvqtG3nFIL762YXQCgvDif
v8j4PFh1VI0CkDdRwthZW+M=
=zhEh
-----END PGP SIGNATURE-----

More information about the samba-technical mailing list