On Mon, 16 Jan 2006 14:04:51 -0800 Quanah Gibson-Mount <[EMAIL PROTECTED]> wrote:
> This seems somewhat broken to me -- What if information about a given user > changes? For example, we lock out/freeze accounts based on DMCA > complaints. That gets reflected in the directory server. If the systems > were caching that data instead of doing live lookups, we'd have a major > problem on our hands. Well, as long as you don't use it for long, I don't see it as a big deal. > This connection looks up the rdn of the users UID (SuRegID), and then uses > that to find out if they belong to a particular privilege group, doing a > compare. > > Again, no need for a database dump here. The idea is that the LDAP server > *is* the database. Sure. From what I can tell it will be a mix of both. The dump will probably be required only occasionally, but I still want it to be efficient. > If the Samba folks are dumping the entire database and caching it, it just > seems to me to be another instance of their lack of comprehension about how > to use LDAP. Honestly, the smbd may only do that once, I don't really know. I'm not familiar with the internals, so a judgement on the Samba folks may be premature. Jim
