[Samba] net rpc trustdom list: enumerates all accounts
Volker Lendecke
Volker.Lendecke at SerNet.DE
Mon May 7 09:04:14 GMT 2007
On Mon, May 07, 2007 at 10:37:03AM +0200, werner maes wrote:
> When I perform the "net rpc trustdom list" command I get the
> "couldn't enumerate accounts" error.
> I use LDAP as passdb backend with approximately 30000 accounts.
> If I run the command, I can see from my LDAP logs that it tries to
> list every account on the LDAP server. Therefore the "net rpc
> trustdom list" command times out.
>
> Is this normal behaviour?
With 'passdb backend = ldapsam' it is quite unfortunate, but
expected. We have done quite extensive optimizations for
this case with "ldapsam:trusted = yes", but this options
puts quite strict restrictions on the conformance of your
ldap tree.
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20070507/942de579/attachment.bin
More information about the samba
mailing list