Bug 6994 - When using ldapsam backend, setpwent() - getpwent() - endpwent() is still used, giving HUGE performance hit
Summary: When using ldapsam backend, setpwent() - getpwent() - endpwent() is still use...
Alias: None
Product: Samba 3.4
Classification: Unclassified
Component: User & Group Accounts (show other bugs)
Version: 3.4.3
Hardware: Sparc Linux
: P3 major
Target Milestone: ---
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
Depends on:
Reported: 2009-12-16 18:44 UTC by Åke Holmlund
Modified: 2009-12-17 01:45 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Åke Holmlund 2009-12-16 18:44:18 UTC
We recently ran into problems when we started using Autodesk MatchMover2010. Starting this application from our Samba-server on an Windows XP client (member of an Samba controlled domain) takes forever! It turns out that starting this application causes the function get_memberuids() in passdb/pdb_interface.c to be called about 300 - 400 times (don't ask me why...), each call takes about 5 seconds (getting our entire LDAP user database from the LDAP-server and looping through all the entries).

Shouldn't all handling of users, groups, and so on, be done directly from LDAP when ldapsam is being used? In this particular case I imagine it would be A LOT faster to get all members of a group by searching the LDAP-database instead of making a detour through the "normal" user/group library calls.
Comment 1 Volker Lendecke 2009-12-17 01:45:06 UTC
That's exactly what ldapsam:trusted was designed to fix. You might give it a try, but be aware that this has more strict requirements on the records in LDAP (i.e. a root and a guest account have to exist in LDAP etc).

If that does not reduce the load, please re-open the bug.