[Samba] Slow ldap authentication against samba 4

Allen Chen achen at harbourfrontcentre.com
Thu Aug 13 15:06:37 UTC 2015


On 8/13/2015 9:23 AM, Jefferson P. S. Emerick wrote:
> Good Morning.
>
> So.. anybody else have this same issue? Slow ldap authentication?
>
> --
> Grato,
> Jefferson Parreira dos Santos Emerick
>
> 2015-01-20 9:52 GMT-02:00 Jefferson Parreira dos Santos Emerick <
> jeparre at gmail.com>:
>
>> I have many corporate systems that connect to Samba 4 for authentication
>> and a considerable number of users and machines that need this
>> authentication working well and smoothly.
>> I try a java script too, with the same problem.
>>
>> I found foruns with the same problem about postfix trying to use samba4
>> and having trouble in slow tree search or auth, without solution.
>>
>> --
>> Grato,
>> Jefferson Parreira dos Santos Emerick
>>
>> 2015-01-20 9:42 GMT-02:00 Rowland Penny <rowlandpenny at googlemail.com>:
>>
>>> On 20/01/15 11:14, Jefferson Parreira dos Santos Emerick wrote:
>>>
>>>> ​ Yeah.. I wrote a simple script in python to test it. Here is the scrit:
>>>>
>>>> *import ldap*
>>>> *from threading import Thread*
>>>> *import time*
>>>> *import sys*
>>>> *
>>>> *
>>>> *class LDAPTtryThread(Thread):*
>>>> *
>>>> *
>>>> *  def __init__(self, **kwargs):*
>>>> *      Thread.__init__(self)*
>>>> *self.id <http://self.id> = kwargs.get('id')*
>>>> *      self.host = kwargs.get('host')*
>>>> *      self.username = kwargs.get('username')*
>>>> *      self.password = kwargs.get('password')*
>>>> *      self.timeout = kwargs.get('timeout',None)*
>>>> *
>>>> *
>>>> *  def run(self):*
>>>> *      try:*
>>>> *          l = ldap.open(self.host)*
>>>> *          l.protocol_version = ldap.VERSION3*
>>>> *          l.port = 389*
>>>> *          if self.timeout:*
>>>> *              l.set_option(ldap.OPT_TIMEOUT, self.timeout)*
>>>> *          l.simple_bind_s(self.username, self.password)*
>>>> *          print '%s OK' %self.id <http://self.id>*
>>>> *      except ldap.LDAPError, e:*
>>>> *          print '%s FAIL' %self.id <http://self.id>, e*
>>>> *
>>>> *
>>>> *for i in range(int(sys.argv[4])):*
>>>> *  timeout = None*
>>>> *  if len(sys.argv) > 5:*
>>>> *      timeout = int(sys.argv[5])*
>>>> *  LDAPTesteThread(*
>>>> *      id=i, host=sys.argv[1], username=sys.argv[2],
>>>> password=sys.argv[3],timeout=timeout).start()*
>>>>>>>>
>>>>
>>> Hmm, no idea if that is part of the problem or not, to me python is a
>>> snake :-D
>>>
>>> Why do you want to use ldap authentication ?
>>>
>>> Do you have some specific programs that you want to connect to AD ?
>>>
>>>
>>> Rowland
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>
>>

I configured squid-cache proxy server to use Samba4 AD DC as the ldap 
server, and I don't see any slow authentication.
This is a production setup.

Allen

-- 
Allen Chen
Network Administrator
IT

Harbourfront Centre

235 Queens Quay West, Toronto, ON
M5J 2G8, Canada | harbourfrontcentre.com <http://www.harbourfrontcentre.com>
Office: +1 416 973 7973
Cell: +1 416 556 2493


 


More information about the samba mailing list