[Samba] Simple Samba PDC - tdbsam limitations?

Ryan Novosielski novosirj at umdnj.edu
Sat Dec 22 07:18:09 GMT 2007

Hash: SHA1

simo wrote:
> On Fri, 2007-12-21 at 13:48 -0500, Ryan Novosielski wrote:
>> Hash: SHA1
>> Charles Marcus wrote:
>>> Charles Marcus, on 12/21/2007 8:06 AM, said the following:
>>>> What are the limitations of the tdbsam backend, with respect to
>>>> performance and the number of workstations/users it can reasonably be
>>>> expected to support?
>>> Never mind - of course this is well documented in the most excellent
>>> 'The Official SAMBA-3 HOWTO and Reference Guide'...
>>> For anyone curious - it is not generally recommended to use the tdbsam
>>> backend for sites with 250+ users, but this is only because these sites
>>> likely will be spread out and require BDCs and multiple servers...
>>> They specifically mention one site using the tdbsam backend with 4,500+
>>> users with no performance problems whatsoever...
>>> Sorry for the noise.
>> This is extremely timely for me, since I was looking into this subject
>> just this morning.
>> I have about 11,500 users on an smbpasswd file! :-o This does not work
>> very well, and we recently reached a breaking point. I looked into
>> tdbsam, figuring that that might be the easy way to go (I do not need
>> replication, as this backend is running a computer lab, not 11,500
>> concurrent users). The fact that my setup is two orders of magnitude
>> larger than the recommendation for tdbsam gives me pause.
>> Can anyone comment on this? I'm sorta in an emergency situation, not a
>> design situation... I'm almost looking at MySQL because that is
>> something that I could reasonably deploy in the next 48 hours. LDAP
>> would require at least some substantial reading for me, I'd think. Maybe
>> not.
> If you do  not need to replicate user information elsewhere tdbsam is
> the fastest backend you can get.
> The recommendation about 250+ users has more to do with network
> topologies usually implemented when you get around these numbers, and
> has nothing to do with the scalability of the backend itself.

The unfortunate thing is that I'm running CIFS/9000 (HP's version of
Samba). Their support is very good, but they're willing to let me run
smbpasswd (which has finally melted down), but they say that tdbsam is
not recommended for over 250 users. Something tells me the Samba team
should actually change their tune on this and say what the backend
should support, not at what point I'd want replication. There are easily
situations where a place could have very few concurrent users and very
many users in their password file, meaning that smbpasswd is a terrible
idea, but replication is not actually necessary.

I would say that tdbsam is definitely FAR more scalable than smbpasswd,
is that right?

- --
 ---- _  _ _  _ ___  _  _  _
 |Y#| |  | |\/| |  \ |\ |  | |Ryan Novosielski - Systems Programmer II
 |$&| |__| |  | |__/ | \| _| |novosirj at umdnj.edu - 973/972.0922 (2-0922)
 \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba mailing list