feedback on ldap improvement in samba 4.11

Andrew Bartlett abartlet at
Tue Nov 19 19:53:04 UTC 2019

On Wed, 2019-11-13 at 11:24 +0100, Denis Cardon via samba-technical
> Hi everyone,
> I just wanted to say how impressed I was with the improvement in
> memory 
> handling in ldap server in samba 4.11 that were announced in the
> changelog.
> I was doing some debug on OOMKiller issues on a Samba-AD 4.9 with a 
> large database in production. There are some buggy softwares that
> make 
> queries for all users (the most peculiar one I have seen is a print 
> driver...) and Samba 4.9 properly handles the query but allocate
> around 
> 2GiB RAM for the query while the client downloads the result. With a 
> handfull of such queries piling up it can quickly run the server out
> of 
> memory.
> On the other hand with Samba-4.11 memory is allocated in a much more 
> frugal way and it can handle hundred of such buggy queries without 
> crashing (it may be slow but it does not crash). So kudos the
> Catalyst 
> dev team for that great piece of work!

Thank you so much!  This work started long, long ago when Simo (at the
time controversially) made ldb async, so it was really nice to be able
to finish the job and see the end result finally show in something so

When we did it, we were not sure that it would help outside our
synthetic benchmarks, so to hear the difference it makes in the real
world is wonderful!

> About the prefork model, the master ldap process is properly
> restarting 
> the child process after a SIGTERM but it is not restarting after a 
> SIGKILL. Is it normal?

I get Gary's view about a manual kill -9 respawing perhaps being
unwanted, but I agree, a re-spawn system that doesn't cope with the OOM
killer is less than ideal, I would have expected such a process to be
restarted (perhaps after a bit longer wait). 

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team
Samba Development and Support, Catalyst IT

More information about the samba-technical mailing list