[Samba] Best way to access the AD database from scripts
prunkdump at gmail.com
Thu Feb 4 09:50:05 UTC 2021
Hello Samba Team and users !
I wrote some scripts that interoperate with samba to manage users,
groups and some other AD objects. Everything works fine and I now want
to improve performance.
So I would like to know what is the best way in terms of performance
to read user/group/ou informations :
-> as domain controller
-> as domain member
It would be great also if the access has no latency. For example, as a
domain controller, wbinfo sometimes continues to give user information
just after deleting the user with samba-tool.
Is this better to use :
ldbsearch and access to sam.ldb directly ?
winbind with wbinfo ?
winbind with nsswitch tools : uid, getent, ... ?
the ldap:// protocol ?
the samba python library ?
net command ?
Thanks if someone can help me !
More information about the samba