[Samba] Samba 3.0.12pre1 Available for Download

Farkas Levente lfarkas at bppiac.hu
Fri Mar 4 22:54:15 GMT 2005

On Pén, Március 4, 2005 17:59, Volker Lendecke mondta:
> On Mon, Feb 28, 2005 at 08:11:44AM -0600, Gerald (Jerry) Carter wrote:
>> Volker still owes some docs on it as far as I know.
> By default, Samba as a Domain Controller with an LDAP backend needs to use
> the
> Unix-style NSS subsystem to access user and group information. Due to the
> way
> Unix stores user information in /etc/passwd and /etc/group this inevitably
> leads to inefficiencies. One important question a user needs to know is
> the
> list of groups he is member of. The plain Unix model involves a complete
> enumeration of the file /etc/group and its NSS counterparts in LDAP. In
> this
> particular case there often optimized functions are available in Unix, but
> for
> other queries there is no optimized function available.
> To make Samba scale well in large environments, the ldapsam:trusted=yes
> option
> assumes that the complete user and group database that is relevant to
> Samba is
> stored in LDAP with the standard posixAccount/posixGroup model, and that
> the
> Samba auxiliary object classes are stored together with the the posix data
> in
> the same LDAP object. If these assumptions are met, ldapsam:trusted=yes
> can be
> activated and Samba can completely bypass the NSS system to query user
> information. Optimized LDAP queries can speed up domain logon and
> administration tasks a lot. Depending on the size of the LDAP database a
> factor
> of 100 or more for common queries is easily achieved.

is this means samba with ldap can work without nss_ldap?
if it's true it can be a very important new features and can made 'samba
with ldap' configuration much easier! imho in this case it should have to
documented and highlighted in the release notes!


More information about the samba mailing list