[Samba] Slow ldap authentication against samba 4
Gabriel Franca
gabriel.franca at gmail.com
Thu Aug 13 17:14:56 UTC 2015
Hi,
force use ipv4 on squid.
external_acl_type NT_group ipv4 %LOGIN /usr/lib64/squid/ext_wbinfo_group_acl
> Em 13/08/2015, à(s) 12:06, Allen Chen <achen at harbourfrontcentre.com> escreveu:
>
> On 8/13/2015 9:23 AM, Jefferson P. S. Emerick wrote:
>> Good Morning.
>>
>> So.. anybody else have this same issue? Slow ldap authentication?
>>
>> --
>> Grato,
>> Jefferson Parreira dos Santos Emerick
>>
>> 2015-01-20 9:52 GMT-02:00 Jefferson Parreira dos Santos Emerick <
>> jeparre at gmail.com>:
>>
>>> I have many corporate systems that connect to Samba 4 for authentication
>>> and a considerable number of users and machines that need this
>>> authentication working well and smoothly.
>>> I try a java script too, with the same problem.
>>>
>>> I found foruns with the same problem about postfix trying to use samba4
>>> and having trouble in slow tree search or auth, without solution.
>>>
>>> --
>>> Grato,
>>> Jefferson Parreira dos Santos Emerick
>>>
>>> 2015-01-20 9:42 GMT-02:00 Rowland Penny <rowlandpenny at googlemail.com>:
>>>
>>>> On 20/01/15 11:14, Jefferson Parreira dos Santos Emerick wrote:
>>>>
>>>>> Yeah.. I wrote a simple script in python to test it. Here is the scrit:
>>>>>
>>>>> *import ldap*
>>>>> *from threading import Thread*
>>>>> *import time*
>>>>> *import sys*
>>>>> *
>>>>> *
>>>>> *class LDAPTtryThread(Thread):*
>>>>> *
>>>>> *
>>>>> * def __init__(self, **kwargs):*
>>>>> * Thread.__init__(self)*
>>>>> *self.id <http://self.id> = kwargs.get('id')*
>>>>> * self.host = kwargs.get('host')*
>>>>> * self.username = kwargs.get('username')*
>>>>> * self.password = kwargs.get('password')*
>>>>> * self.timeout = kwargs.get('timeout',None)*
>>>>> *
>>>>> *
>>>>> * def run(self):*
>>>>> * try:*
>>>>> * l = ldap.open(self.host)*
>>>>> * l.protocol_version = ldap.VERSION3*
>>>>> * l.port = 389*
>>>>> * if self.timeout:*
>>>>> * l.set_option(ldap.OPT_TIMEOUT, self.timeout)*
>>>>> * l.simple_bind_s(self.username, self.password)*
>>>>> * print '%s OK' %self.id <http://self.id>*
>>>>> * except ldap.LDAPError, e:*
>>>>> * print '%s FAIL' %self.id <http://self.id>, e*
>>>>> *
>>>>> *
>>>>> *for i in range(int(sys.argv[4])):*
>>>>> * timeout = None*
>>>>> * if len(sys.argv) > 5:*
>>>>> * timeout = int(sys.argv[5])*
>>>>> * LDAPTesteThread(*
>>>>> * id=i, host=sys.argv[1], username=sys.argv[2],
>>>>> password=sys.argv[3],timeout=timeout).start()*
>>>>>
>>>>>
>>>>>
>>>> Hmm, no idea if that is part of the problem or not, to me python is a
>>>> snake :-D
>>>>
>>>> Why do you want to use ldap authentication ?
>>>>
>>>> Do you have some specific programs that you want to connect to AD ?
>>>>
>>>>
>>>> Rowland
>>>>
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>
>>>
>
> I configured squid-cache proxy server to use Samba4 AD DC as the ldap server, and I don't see any slow authentication.
> This is a production setup.
>
> Allen
>
> --
> Allen Chen
> Network Administrator
> IT
>
> Harbourfront Centre
>
> 235 Queens Quay West, Toronto, ON
> M5J 2G8, Canada | harbourfrontcentre.com <http://harbourfrontcentre.com/> <http://www.harbourfrontcentre.com <http://www.harbourfrontcentre.com/>>
> Office: +1 416 973 7973
> Cell: +1 416 556 2493
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba <https://lists.samba.org/mailman/options/samba>
More information about the samba
mailing list