[Samba] net rpc trustdom list: enumerates all accounts

Volker Lendecke Volker.Lendecke at SerNet.DE
Mon May 7 09:04:14 GMT 2007

On Mon, May 07, 2007 at 10:37:03AM +0200, werner maes wrote:
> When I perform the "net rpc trustdom list" command I get the 
> "couldn't enumerate accounts" error.
> I use LDAP as passdb backend with approximately 30000 accounts.
> If I run the command, I can see from my LDAP logs that it tries to 
> list every account on the LDAP server. Therefore the "net rpc 
> trustdom list" command times out.
> Is this normal behaviour?

With 'passdb backend = ldapsam' it is quite unfortunate, but
expected. We have done quite extensive optimizations for
this case with "ldapsam:trusted = yes", but this options
puts quite strict restrictions on the conformance of your
ldap tree.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20070507/942de579/attachment.bin

More information about the samba mailing list