[Samba] SSSD and "groups" command
mathias dufresne
infractory at gmail.com
Tue Aug 11 13:43:15 UTC 2015
Hi all,
Using Samba 4 as AD I was experiencing slow reactivity on Linux clients
when running "groups" command (perhaps also using "id" as it retrieves
groups). Running groups command was more than 10s.
This is now solved indexing "member" attribute.
ldbedit -H $sam -b 'CN=SCHEMA,CN=CONFIGURATION,DC=SAMBA,DC=DOMAIN'
'(cn=member)' --option="dsdb:schema update allowed"=true
then modifying:
searchFlags: 0
to:
searchFlags: 1
When AD database is heavily loaded indexing process could a (very) long
time. It seems this time is needed on Schema Master and on others DCs. I'm
not really sure about that...
Anyway changing member's searchFlags before injecting objects make indexing
process almost transparent.
Cheers,
mathias
More information about the samba
mailing list