[Samba] Testing a forest trusts in Samba 4.4.5 AD environment

Alex Crow acrow at integrafin.co.uk
Tue Jul 12 11:30:17 UTC 2016 

On 12/07/16 12:22, mathias dufresne wrote:
> Database size would interest us here, with and without trust if you 
> have these metrics. Global catalog is supposed to stored some 
> attributes of almost all objects of all trusted domains, if me 
> understanding is correct and we have no real idea about what that 
> means in concrete terms.
>

One domain has 3 users, the other about 400.

On one of the small domain DCs:

srwxrwxrwx 1 root root     0 Jul 10 17:14 ldapi
drwxr-xr-x 2 root root     6 Nov 17  2015 smbd.tmp
drwxr-x--- 2 root root    18 Jul 10 17:14 ldap_priv
drwxrwx--- 3 root named   36 Jul  7 13:08 dns
drwx------ 2 root root    48 Nov 17  2015 tls
-rw-r--r-- 1 root root    95 Nov 17  2015 krb5.conf
-r--r--r-- 1 root root   284 Nov 17  2015 named.conf.update
-rwxrwxrwx 1 root root   633 Jul  6 18:43 named.conf
-rw------- 1 root root   696 Nov 17  2015 randseed.tdb
-rw-r----- 1 root named  762 Jul  6 18:43 dns.keytab
-rw-r--r-- 1 root root   955 Nov 17  2015 spn_update_list
-rw------- 1 root root  1.1K Nov 17  2015 secrets.keytab
-rw------- 1 root root  2.0K Apr 13 07:36 dns_update_cache
-rw-r--r-- 1 root root  2.1K Jul  6 18:43 named.txt
-rw-r--r-- 1 root root  3.2K Nov 17  2015 dns_update_list
drwxr-x--- 2 root named 4.0K Jul  7 13:08 sam.ldb.d
drwx------ 2 root root  4.0K Jul 12 12:25 msg.sock
-rw------- 1 root root   24K Jul 12 11:59 schannel_store.tdb
-rw------- 1 root root   24K Jul 11 15:00 netlogon_creds_cli.tdb
-rw------- 1 root root  416K Nov 17  2015 secrets.tdb
-rw------- 1 root root  1.3M Nov 17  2015 share.ldb
-rw------- 1 root root  1.3M Jul  6 18:43 secrets.ldb
-rw------- 1 root root  1.3M Nov 17  2015 privilege.ldb
-rw------- 1 root root  1.3M Nov 17  2015 hklm.ldb
-rw------- 1 root root  3.1M Jul 12 12:19 idmap.ldb
-rw------- 1 root root  4.1M Nov 17  2015 sam.ldb

On the large domain DC:

srwxrwxrwx 1 root root     0 Jul 12 10:13 ldapi
drwxr-xr-x 2 root root     6 Jul  2 03:29 smbd.tmp
drwxr-x--- 2 root root    18 Jul 12 10:13 ldap_priv
drwxrwx--- 3 root named   36 Jul  2 03:21 dns
drwx------ 2 root named   48 Jul  2 03:29 tls
-rw-r--r-- 1 root named   94 Jul  2 03:21 krb5.conf
-r--r--r-- 1 root root   231 Jul  2 03:29 named.conf.update
-rw-r--r-- 1 root named  633 Jul  2 03:21 named.conf
-rw-r----- 1 root named  807 Jul  2 03:21 dns.keytab
-rw-r--r-- 1 root named  955 Jul  2 03:21 spn_update_list
-rw------- 1 root named 1.2K Jul  2 03:21 secrets.keytab
-rw------- 1 root root  1.9K Jul  2 03:29 dns_update_cache
-rw-r--r-- 1 root named 2.1K Jul  2 03:21 named.txt
-rw-r--r-- 1 root named 3.2K Jul  2 03:21 dns_update_list
drwxr-x--- 2 root named 4.0K Jul  2 03:21 sam.ldb.d
drwx------ 2 root named 4.0K Jul 12 12:26 msg.sock
-rw------- 1 root root   24K Jul 12 12:24 schannel_store.tdb
-rw------- 1 root root   24K Jul 12 10:13 netlogon_creds_cli.tdb
-rw------- 1 root root  420K Jul  2 03:29 secrets.tdb
-rw------- 1 root named 1.3M Jul  2 03:11 wins.ldb
-rw------- 1 root named 1.3M Jul  2 03:11 share.ldb
-rw------- 1 root named 1.3M Jul  2 03:21 secrets.ldb
-rw------- 1 root named 1.3M Jul  2 03:21 privilege.ldb
-rw------- 1 root named 1.3M Jul  2 03:21 hklm.ldb
-rw------- 1 root named 1.6M Jul 12 11:01 idmap.ldb
-rw------- 1 root named 4.1M Jul  2 03:21 sam.ldb

As you can see, the DB sizes are similar...

Hope this is of help,

Alex

--
This message is intended only for the addressee and may contain
confidential information. Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.
This email is not intended to, nor should it be taken to, constitute advice.
The information provided is correct to our knowledge & belief and must not
be used as a substitute for obtaining tax, regulatory, investment, legal or
any other appropriate advice.

"Transact" is operated by Integrated Financial Arrangements Ltd.
29 Clement's Lane, London EC4N 7AE. Tel: (020) 7608 4900 Fax: (020) 7608 5300.
(Registered office: as above; Registered in England and Wales under
number: 3727592). Authorised and regulated by the Financial Conduct
Authority (entered on the Financial Services Register; no. 190856).

More information about the samba mailing list