[Samba] Samba 3.0.12pre1 Available for Download

Farkas Levente lfarkas at bppiac.hu
Fri Mar 4 22:54:15 GMT 2005


On Pén, Március 4, 2005 17:59, Volker Lendecke mondta:
> On Mon, Feb 28, 2005 at 08:11:44AM -0600, Gerald (Jerry) Carter wrote:
>> Volker still owes some docs on it as far as I know.
>
> By default, Samba as a Domain Controller with an LDAP backend needs to use
> the
> Unix-style NSS subsystem to access user and group information. Due to the
> way
> Unix stores user information in /etc/passwd and /etc/group this inevitably
> leads to inefficiencies. One important question a user needs to know is
> the
> list of groups he is member of. The plain Unix model involves a complete
> enumeration of the file /etc/group and its NSS counterparts in LDAP. In
> this
> particular case there often optimized functions are available in Unix, but
> for
> other queries there is no optimized function available.
>
> To make Samba scale well in large environments, the ldapsam:trusted=yes
> option
> assumes that the complete user and group database that is relevant to
> Samba is
> stored in LDAP with the standard posixAccount/posixGroup model, and that
> the
> Samba auxiliary object classes are stored together with the the posix data
> in
> the same LDAP object. If these assumptions are met, ldapsam:trusted=yes
> can be
> activated and Samba can completely bypass the NSS system to query user
> information. Optimized LDAP queries can speed up domain logon and
> administration tasks a lot. Depending on the size of the LDAP database a
> factor
> of 100 or more for common queries is easily achieved.

is this means samba with ldap can work without nss_ldap?
if it's true it can be a very important new features and can made 'samba
with ldap' configuration much easier! imho in this case it should have to
documented and highlighted in the release notes!

-- 



More information about the samba mailing list