[Samba] Slow ldap authentication against samba 4
Allen Chen
achen at harbourfrontcentre.com
Thu Aug 13 15:06:37 UTC 2015
On 8/13/2015 9:23 AM, Jefferson P. S. Emerick wrote:
> Good Morning.
>
> So.. anybody else have this same issue? Slow ldap authentication?
>
> --
> Grato,
> Jefferson Parreira dos Santos Emerick
>
> 2015-01-20 9:52 GMT-02:00 Jefferson Parreira dos Santos Emerick <
> jeparre at gmail.com>:
>
>> I have many corporate systems that connect to Samba 4 for authentication
>> and a considerable number of users and machines that need this
>> authentication working well and smoothly.
>> I try a java script too, with the same problem.
>>
>> I found foruns with the same problem about postfix trying to use samba4
>> and having trouble in slow tree search or auth, without solution.
>>
>> --
>> Grato,
>> Jefferson Parreira dos Santos Emerick
>>
>> 2015-01-20 9:42 GMT-02:00 Rowland Penny <rowlandpenny at googlemail.com>:
>>
>>> On 20/01/15 11:14, Jefferson Parreira dos Santos Emerick wrote:
>>>
>>>> Yeah.. I wrote a simple script in python to test it. Here is the scrit:
>>>>
>>>> *import ldap*
>>>> *from threading import Thread*
>>>> *import time*
>>>> *import sys*
>>>> *
>>>> *
>>>> *class LDAPTtryThread(Thread):*
>>>> *
>>>> *
>>>> * def __init__(self, **kwargs):*
>>>> * Thread.__init__(self)*
>>>> *self.id <http://self.id> = kwargs.get('id')*
>>>> * self.host = kwargs.get('host')*
>>>> * self.username = kwargs.get('username')*
>>>> * self.password = kwargs.get('password')*
>>>> * self.timeout = kwargs.get('timeout',None)*
>>>> *
>>>> *
>>>> * def run(self):*
>>>> * try:*
>>>> * l = ldap.open(self.host)*
>>>> * l.protocol_version = ldap.VERSION3*
>>>> * l.port = 389*
>>>> * if self.timeout:*
>>>> * l.set_option(ldap.OPT_TIMEOUT, self.timeout)*
>>>> * l.simple_bind_s(self.username, self.password)*
>>>> * print '%s OK' %self.id <http://self.id>*
>>>> * except ldap.LDAPError, e:*
>>>> * print '%s FAIL' %self.id <http://self.id>, e*
>>>> *
>>>> *
>>>> *for i in range(int(sys.argv[4])):*
>>>> * timeout = None*
>>>> * if len(sys.argv) > 5:*
>>>> * timeout = int(sys.argv[5])*
>>>> * LDAPTesteThread(*
>>>> * id=i, host=sys.argv[1], username=sys.argv[2],
>>>> password=sys.argv[3],timeout=timeout).start()*
>>>>
>>>>
>>>>
>>> Hmm, no idea if that is part of the problem or not, to me python is a
>>> snake :-D
>>>
>>> Why do you want to use ldap authentication ?
>>>
>>> Do you have some specific programs that you want to connect to AD ?
>>>
>>>
>>> Rowland
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>
I configured squid-cache proxy server to use Samba4 AD DC as the ldap
server, and I don't see any slow authentication.
This is a production setup.
Allen
--
Allen Chen
Network Administrator
IT
Harbourfront Centre
235 Queens Quay West, Toronto, ON
M5J 2G8, Canada | harbourfrontcentre.com <http://www.harbourfrontcentre.com>
Office: +1 416 973 7973
Cell: +1 416 556 2493
More information about the samba
mailing list