[Samba] Samba 3.0.12pre1 Available for Download
John H Terpstra
jht at samba.org
Fri Mar 4 17:26:12 GMT 2005
Should I add this to the HOWTO at this time?
If so, should it go under the chapter on group handling?
Jerry, are you intent on expanding this in any way?
- John T.
On Friday 04 March 2005 09:59, Volker Lendecke wrote:
> On Mon, Feb 28, 2005 at 08:11:44AM -0600, Gerald (Jerry) Carter wrote:
> > Volker still owes some docs on it as far as I know.
> By default, Samba as a Domain Controller with an LDAP backend needs to use
> the Unix-style NSS subsystem to access user and group information. Due to
> the way Unix stores user information in /etc/passwd and /etc/group this
> inevitably leads to inefficiencies. One important question a user needs to
> know is the list of groups he is member of. The plain Unix model involves a
> complete enumeration of the file /etc/group and its NSS counterparts in
> LDAP. In this particular case there often optimized functions are available
> in Unix, but for other queries there is no optimized function available.
> To make Samba scale well in large environments, the ldapsam:trusted=yes
> option assumes that the complete user and group database that is relevant
> to Samba is stored in LDAP with the standard posixAccount/posixGroup model,
> and that the Samba auxiliary object classes are stored together with the
> the posix data in the same LDAP object. If these assumptions are met,
> ldapsam:trusted=yes can be activated and Samba can completely bypass the
> NSS system to query user information. Optimized LDAP queries can speed up
> domain logon and
> administration tasks a lot. Depending on the size of the LDAP database a
> factor of 100 or more for common queries is easily achieved.
John H Terpstra
Phone: +1 (650) 580-8668
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
More information about the samba