[PATCH][WIP] Make the Samba AD DC multi-process
Stefan Metzmacher
metze at samba.org
Wed Nov 30 06:38:37 UTC 2016
Am 21.11.2016 um 05:01 schrieb Andrew Bartlett:
> On Fri, 2016-10-14 at 20:01 +1300, Andrew Bartlett wrote:
>> G'Day,
>>
>> Attached is a WIP set of patches to make Samba connect to ldb faster,
>> for the @ATTRIBUTES load, used until we can read the full schema.
>>
>> This avoids some O(n^2) behaviour for the 600 attributes in the
>> default
>> schema, which was taking 5% of the time to run a simple ldbsearch.
>>
>> Please consider, but don't push until I run the beachmarks.
>
> Attached is some work in progress to do this, and to allow the LDAP and
> NETLOGON server to be multi-process.
>
> This breaks the RPC protocol by not checking the assoc_group when we
> accept a bind to the NETLOGON rpc server in the AD DC.
>
> It also breaks the current link between the lsarpc services and
> netlogon, which currently allow a bind on either pipe to access these
> services.
>
> I've tried to make that all as generic as possible.
>
> Please comment. I don't plan to push this without coming back to the
> list.
It will take some time to go through this...
One comment on hash_computer_name() now:
- what's the point of doing such complex logic
using hmac_sha256?
- I'd just use tdb_jenkins_hash()
metze
More information about the samba-technical
mailing list