[PATCH] New external idmap module
simo
idra at samba.org
Tue May 30 22:46:17 GMT 2006
On Wed, 2006-05-31 at 00:43 +0200, Volker Lendecke wrote:
> On Tue, May 30, 2006 at 06:33:05PM -0400, simo wrote:
> > > > No it is not, as smbd has it's own local in memory cache for speed
> > > > purposes.
> > >
> > > Not arguing here. I do see the idmap as speed sensitive.
> >
> > And forking out a script would do better in this regard?
> > please...
>
> Again: The only reason that holds against forking is the
> ability to change mappings on the fly and to deactivate the
> local cache.
This is one of the reasons, another is to be able to use the tcp
connection to point to a central daemon without the need to run an ldap
server just for this purpose.
Another one is for example that with a daemon you don't have to
initialize a new sql connection at each required mapping or any other
potentially slow operation.
> BTW, thinking about it... Why would a central daemon not be
> able to map a SID to a unix ID? The whole point of the idmap
> range is that we are free to allocate from that. This is
> another assumption quite deep in the code. Thus negative
> hits happen exactly once per SID. What am I missing here?
Have you thought what happen when you use idmap_ad and a user/group does
not have any rfc2307 attribute associated?
Same thing.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org
More information about the samba-technical
mailing list