Bug 3024 - [PATCH] winbind nss user/grouplist fails with large ad user count
Summary: [PATCH] winbind nss user/grouplist fails with large ad user count
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: winbind (show other bugs)
Version: 3.0.20
Hardware: All All
: P1 major
Target Milestone: 3.0.25
Assignee: Gerald (Jerry) Carter (dead mail address)
QA Contact: Samba QA Contact
URL:
Keywords:
: 3660 (view as bug list)
Depends on:
Blocks: 3660
  Show dependency treegraph
 
Reported: 2005-08-22 08:14 UTC by Johann Hanne
Modified: 2007-05-11 20:09 UTC (History)
3 users (show)

See Also:

Attachments
Proposed patch (1004 bytes, patch)
2005-08-22 08:15 UTC, Johann Hanne 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johann Hanne 2005-08-22 08:14:56 UTC 
There is a bug in winbind/nss: When there are MANY (1000+ here) AD users and 
FEW (20 here) of them actually have a unix mapping (we use idmap_ad with 
uidNumber attributes), listing the users ("getent passwd") and groups fails. 
 
The reason is that winbindd_getpwent (nsswitch/winbindd_user.c) and 
winbindd_getgrent (nsswitch/winbindd_group.c) fetch users/groups in chunks of 
250 by default. If there is no unix-mapped user within a chunk, it will fail 
without further searching the user list. The attached patchs changes the 
behaviour to fetch users until there are 250 users who have actually a 
unix-mapping.
Comment 1 Johann Hanne 2005-08-22 08:15:28 UTC 
Created attachment 1396 [details]
Proposed patch
Comment 2 Bob Gautier (550 Unknown Recipient) 2006-04-10 04:10:29 UTC 
See also BZ#3660?
Comment 3 Gerald (Jerry) Carter (dead mail address) 2006-04-20 07:51:19 UTC 
*** Bug 3660 has been marked as a duplicate of this bug. ***
Comment 4 Jeremy Allison 2007-05-11 20:09:21 UTC 
Correct - thanks. I've fixed in SAMBA_3_0, SAMBA_3_0_25 and SAMBA_3_0_26 trees. Probably too late for 3.0.25 but will make any subsequent release.
Jeremy.