[PATCH][WIP] Make the Samba AD DC multi-process

Stefan Metzmacher metze at samba.org
Wed Nov 30 06:38:37 UTC 2016

Am 21.11.2016 um 05:01 schrieb Andrew Bartlett:
> On Fri, 2016-10-14 at 20:01 +1300, Andrew Bartlett wrote:
>> G'Day,
>> Attached is a WIP set of patches to make Samba connect to ldb faster,
>> for the @ATTRIBUTES load, used until we can read the full schema.
>> This avoids some O(n^2) behaviour for the 600 attributes in the
>> default
>> schema, which was taking 5% of the time to run a simple ldbsearch.
>> Please consider, but don't push until I run the beachmarks.
> Attached is some work in progress to do this, and to allow the LDAP and
> NETLOGON server to be multi-process. 
> This breaks the RPC protocol by not checking the assoc_group when we
> accept a bind to the NETLOGON rpc server in the AD DC.
> It also breaks the current link between the lsarpc services and
> netlogon, which currently allow a bind on either pipe to access these
> services. 
> I've tried to make that all as generic as possible.
> Please comment.  I don't plan to push this without coming back to the
> list. 

It will take some time to go through this...

One comment on hash_computer_name() now:
- what's the point of doing such complex logic
  using hmac_sha256?
- I'd just use tdb_jenkins_hash()


More information about the samba-technical mailing list