Bug 14539 - winbindd should avoid lookupsids for idmapping if not required
Summary: winbindd should avoid lookupsids for idmapping if not required
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind (show other bugs)
Version: 4.13.0
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-10-20 15:14 UTC by Stefan Metzmacher
Modified: 2021-02-04 08:27 UTC (History)
4 users (show)

See Also:

Attachments
Additional patch for v4-14-test (3.33 KB, patch)
2021-01-22 12:55 UTC, Stefan Metzmacher 		no flags Details
Additional patch for v4-14-test (3.45 KB, patch)
2021-01-27 10:29 UTC, Stefan Metzmacher 		slow: review+
Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Metzmacher 2020-10-20 15:14:07 UTC 
If the idmap backend already knows how to map a given SID it's not required
to do a lookupsids just to find out if the sid belongs to a user or group.

Also backends supporting ID_TYPE_BOTH only care if the domain exists,
with that it should be possible to accept kerberos authentication
without contacting any domain controller.
Comment 1 Samba QA Contact 2020-10-23 04:48:14 UTC 
This bug was referenced in samba master:

1576421dbdd2cfe9a47516224cb54bf15ba51132
58e9b62222ad62c81cdf11d704859a227cb2902b
f5eec89011cf7b577375d83247524587f170b592
95b0dac0af5bc7ee85c6c8099dda135c36c9684b
7518a0ca32cade2b8b9eac0e2b5416ae685ffcff
7dbe5b4897448aa71b5a8a2175850b4010316b88
5cc21a9d319e00397ad98900d81ffb9d1d70514f
1694de1ae6ce63377d0afc47e84e55e4745905d7
2103543629004a3a22e7bf60305bb15bf3b316be
cd9a9702c1f97c47bd3447e2014eeff3e56268cf
209e81a2ea8c972ee57e2f0c9579da843c0e2ac7
a8f57c94fc2294c309ecb18ea79d0acac86c495b
d42aaeba6e0820acd17f204ff7ab6d1aede1b303
82fd07793f065e150729848566e7c30f4f4d472e
b8c74b7b46d1c7f6b66e565ee08f8c88d6dc2cc4
28e020c0a863411cfa95e3b1ed943d922b8635bd
79c1d3aaf6d465a8edd1871edb85211f8715fea1
04956350a5725325954b2caba662ecd6dace7829
797b11f198e819300007997ce536bc6d05f19843
231c8d04b19a1c17937f988d142ca5c0f889d4e0
f6bb0ed21f82f2cf1f238f9f00cd049ecf8673af
cda61f592a0b33d36da8da9b6837312396cceec4
19c8b6a8b188e45a6342a3d1308085800388a38e
374acc2e5fcc3c4b40f41906d0349499e3304841
3f4626ea6d235470195918b77af35ac2cfeb227c
c55f4f37589130a0d8952489da175bbcf53f6748
493f5d6b078e0b0f80d1ef25043e2834cb4fcb87
54b4d2d3cb307019a260d15c6e6b4a3fb7fc337c
Comment 2 Stefan Metzmacher 2020-10-23 14:25:48 UTC 
https://gitlab.com/samba-team/samba/-/merge_requests/1636 is also needed
Comment 3 Stefan Metzmacher 2020-10-23 14:27:53 UTC 
I'm not sure if we should backport this. I guess I'd at least avoid 4.12,
maybe 4.13, but only if someone asks for it.
Comment 4 Andreas Schneider 2020-10-23 14:31:08 UTC 
I think 4.13 would be nice.
Comment 5 Stefan Metzmacher 2021-01-22 12:55:45 UTC 
Created attachment 16402 [details]
Additional patch for v4-14-test
Comment 6 Stefan Metzmacher 2021-01-27 10:29:50 UTC 
Created attachment 16409 [details]
Additional patch for v4-14-test

Added the missing Reviewed-by: Ralph Boehme <slow@samba.org>
Comment 7 Ralph Böhme 2021-01-27 10:46:36 UTC 
Reassigning to Karolin for inclusion in 4.14.
Comment 8 Karolin Seeger 2021-01-27 11:31:08 UTC 
(In reply to Ralph Böhme from comment #7)
Pushed to autobuild-v4-14-test.
Comment 9 Samba QA Contact 2021-01-29 13:53:49 UTC 
This bug was referenced in samba master:

d8339056eef2845805f573bd8b0f3323370ecc8f
Comment 10 Samba QA Contact 2021-01-29 13:55:53 UTC 
This bug was referenced in samba v4-14-test:

99673b77b069674a6145552eb870de8829dfa503
Comment 11 Samba QA Contact 2021-02-04 08:27:24 UTC 
This bug was referenced in samba v4-14-stable (Release samba-4.14.0rc2):

99673b77b069674a6145552eb870de8829dfa503